Difference between revisions of "Texmf.cnf"

From Wiki
Jump to navigation Jump to search
m (Metapost -> MetaPost)
(remove mentions of texexec.ini)
Line 10: Line 10:
If you don't want to take this security risk with all TeX code on your system, you might like to consider the following change to the appropriate line in [[texexec.ini]]:
'''Hint for MikTeX users:''' The counterpart to <tt>texmf.cnf</tt> is <tt>miktex.ini</tt>.
for  tetex  set  TeXPassString    to  -progname=context -shell-escape
(If yours is a non-tetex system, choose the appropriate line. If there are other options present, like <tt>--default-translate-file=cp8bit</tt>, then don't delete them!)
This will enable <tt>\write18</tt> support per <tt>texexec</tt> job, and not system-wide. An administrator would therefore only have to worry about malicious ConTeXt code, and not about other TeX systems running. With the second modification, you can leave the <tt>shell_escape</tt> line in <tt>texmf.cnf</tt> commented out/false.
'''Hint for MikTeX users:''' The counterpart to <tt>texmf.cfg</tt> is <tt>miktex.ini</tt>.

Revision as of 10:05, 15 July 2006

< Installation hints

Most options in texmf.cnf of modern TeX distributions are ok for ConTeXt (in former times you had to care for ConTeXt's huge memory needs yourself and occasionally set some additional paths). The one thing left:

ConTeXt likes TeX's "write18" function enabled to run MetaPost and some other tools in the background. That's a potential security risk (malicious TeX code could run any program with your user rights), so it's off (false) by default.

shell_escape = t

Hint for MikTeX users: The counterpart to texmf.cnf is miktex.ini.