[NTG-context] PDF viewer poll

Hans Hagen j.hagen at xs4all.nl
Mon Oct 21 10:21:35 CEST 2019


On 10/20/2019 10:15 PM, Marcin Borkowski wrote:

>> Maybe Lua is, but every scriptable program is a risk.
>> LuaTeX and write18 _are_ dangerous.
>> It would be very easy to spread malicious TeX code, since everyone uses CTAN (LaTeX) packages without checking them first.
>> But it wouldn’t come far, I guess, for it needs a while for a package to become known and in wide use, and that still means only in a subset of the (La)TeX community, where there are enough expert hackers who would find this malicious code.
> 
> Assuming that they would search for it.  I'm less of an optimist here.
no problem getting a hit on a search

https://www.usenix.org/system/files/login/articles/73506-checkoway.pdf

-----------------------------------------------------------------
                                           Hans Hagen | PRAGMA ADE
               Ridderstraat 27 | 8061 GH Hasselt | The Netherlands
        tel: 038 477 53 69 | www.pragma-ade.nl | www.pragma-pod.nl
-----------------------------------------------------------------


More information about the ntg-context mailing list