On Fri, Jun 21, 2002 at 07:07:38AM +0200, Axel Boldt wrote:
by blindly executing TeX when someone edits a
page, we are assuming
that they haven't included any malicious code in their TeX source.
TeX has two dangerous commands: shell escapes and writing to an
arbitrary file. Both can be globally disabled (and are disabled by
default in most TeX distributions). It is fairly easy however to write
TeX which eats memory like crazy (TeX allows recursion :-), so we
would have to somehow restrict the resources available to the TeX
process. But we are of course right now already wide open to all sorts
of denial-of-service attacks.
We don't need real TeX - we only need something that can parse limited
TeX math mode and renders that.