## LaTeX forum ⇒ General ⇒ Hacking with LaTeX! How to protect?

LaTeX specific issues not fitting into one of the other forums of this category.
eugene8086
Posts: 9
Joined: Thu Apr 02, 2015 3:17 pm

### Hacking with LaTeX! How to protect?

I`m creating the rendering images (with a formulas) script for the web site, which is based on texlive. I have found that there is a security vulnerability.

For example, using the commands `\include` `\input` `\openin` `\read` `\openout` `\write` a user can embed in the document that is processed on the server and open, read, write a files.

There is also a risk insert commands that cause an infinite loop, for example `\loop` `\while`.

How to anticipate all the dangers? For example, there is a form of use `\@input`. What other operators are dangerous? Where can I find documentation for a complete list of commands, working with files, inserting executable code into the tex document? I want to write the full black list and filter them.

(Sorry for my bad English)
Last edited by cgnieder on Tue Oct 04, 2016 6:13 pm, edited 1 time in total.
Reason: added code markup

Tags: