On Fri, Jun 21, 2002 at 07:07:38AM +0200, Axel Boldt wrote:
by blindly executing TeX when someone edits a page, we are assuming that they haven't included any malicious code in their TeX source.
TeX has two dangerous commands: shell escapes and writing to an arbitrary file. Both can be globally disabled (and are disabled by default in most TeX distributions). It is fairly easy however to write TeX which eats memory like crazy (TeX allows recursion :-), so we would have to somehow restrict the resources available to the TeX process. But we are of course right now already wide open to all sorts of denial-of-service attacks.
We don't need real TeX - we only need something that can parse limited TeX math mode and renders that.
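One way to enforce a "limited TeX math mode" before anything is rendered, as an added example that is not part of the original thread: an allowlist check that rejects any control sequence outside a fixed math subset (which excludes file writes, shell escapes and macro definitions) and caps input size and brace nesting. The names `ALLOWED`, `MAX_LEN`, `MAX_DEPTH` and `check_math` and the specific limits are assumptions chosen for illustration.

```python
import re

# Assumed allowlist for illustration; a real deployment would list every
# math command it is prepared to render.
ALLOWED = {"frac", "sqrt", "sum", "int", "alpha", "beta", "pi", "infty",
           "left", "right", "cdot", "times", "le", "ge", "ne", "sin", "cos"}
MAX_LEN = 2000      # cap on input size (constructed limit)
MAX_DEPTH = 20      # cap on brace nesting (constructed limit)

# One token: control word, control symbol, or any single other character.
TOKEN = re.compile(r"\\[A-Za-z]+|\\.|.", re.DOTALL)
# Plain characters accepted in math; excludes %, #, $, ~ and a bare backslash.
SAFE_CHARS = re.compile(r"[A-Za-z0-9\s+\-*/=<>()\[\]{}^_.,;:!|'&]")
SAFE_SYMBOLS = {"\\,", "\\;", "\\!", "\\{", "\\}", "\\|", "\\\\"}


def check_math(src):
    """Return (ok, reason). Rejects anything outside the math subset."""
    if len(src) > MAX_LEN:
        return False, "input too long"
    depth = 0
    for tok in TOKEN.findall(src):
        if tok.startswith("\\") and len(tok) > 1:
            if tok[1].isalpha():
                # Control word: must be explicitly allowlisted.
                if tok[1:] not in ALLOWED:
                    return False, "command not allowed: " + tok
            elif tok not in SAFE_SYMBOLS:
                return False, "symbol not allowed: " + tok
        elif tok == "{":
            depth += 1
            if depth > MAX_DEPTH:
                return False, "nesting too deep"
        elif tok == "}":
            depth -= 1
            if depth < 0:
                return False, "unbalanced braces"
        elif not SAFE_CHARS.fullmatch(tok):
            return False, "character not allowed: " + repr(tok)
    if depth != 0:
        return False, "unbalanced braces"
    return True, "ok"
```

Because `\def` and every other definition primitive are outside the allowlist, accepted input cannot define recursive macros; the length and depth caps bound the work done on what remains.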