[Wikipedia-l] Security of evaluating arbitrary TeX code

Axel Boldt axel at uni-paderborn.de
Sat Nov 10 16:36:57 UTC 2001


The mathwiki code I mentioned does not take any precautions when
evaluating TeX code, and that is indeed a security hole.

I asked around on Usenet
(http://groups.google.com/groups?threadm=d55ab765.0111091929.1e4b9af4%40posting.google.com&rnum=1)
and found out that TeX can write to arbitrary files and can also
execute shell scripts, but fortunately, both of those features can be
switched off, at least in the teTeX distribution, which is the standard
on Linux/Unix.

Axel
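
Added example, not part of the original message and not the mathwiki code: one way a wiki renderer could run TeX on user-supplied formulas with both features switched off. It assumes a web2c-based TeX (teTeX, TeX Live) that reads the kpathsea settings shell_escape and openout_any from the environment and accepts the -no-shell-escape option; the function names and the file name f.tex are hypothetical.

```python
import os
import shutil
import subprocess
import tempfile

# Assumption: kpathsea honours these from the environment as well as texmf.cnf.
HARDENED_ENV = {
    "shell_escape": "f",  # \write18 never runs a shell command
    "openout_any": "p",   # paranoid: no absolute paths, no "..", no dotfiles
}


def hardened_invocation(tex_name, base_env=None):
    """Return (argv, env) for running latex on untrusted input."""
    env = dict(os.environ if base_env is None else base_env)
    env.update(HARDENED_ENV)  # overrides any permissive inherited value
    argv = [
        "latex",
        "-no-shell-escape",          # command-line override of shell_escape
        "-interaction=nonstopmode",  # never wait for input on an error
        "-halt-on-error",
        tex_name,
    ]
    return argv, env


def render_formula(formula, timeout=10):
    """Typeset one user-supplied formula in a throwaway directory.

    Returns the DVI bytes, or None if latex is missing, fails or times out.
    """
    if shutil.which("latex") is None:
        return None
    doc = ("\\documentclass{article}\\pagestyle{empty}\n"
           "\\begin{document}\n$" + formula + "$\n\\end{document}\n")
    with tempfile.TemporaryDirectory() as work:
        with open(os.path.join(work, "f.tex"), "w") as fh:
            fh.write(doc)
        argv, env = hardened_invocation("f.tex")
        try:
            proc = subprocess.run(argv, cwd=work, env=env, timeout=timeout,
                                  stdin=subprocess.DEVNULL,
                                  stdout=subprocess.DEVNULL,
                                  stderr=subprocess.DEVNULL)
        except subprocess.TimeoutExpired:
            return None
        dvi = os.path.join(work, "f.dvi")
        if proc.returncode != 0 or not os.path.exists(dvi):
            return None
        with open(dvi, "rb") as fh:
            return fh.read()
```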