[tex-live] movie15 and media9
Zdenek Wagner
zdenek.wagner at gmail.com
Sun Mar 18 18:34:20 CET 2012
2012/3/18 Victor Ivrii <vivrii at gmail.com>:
> 2012/3/18 Pablo Rodríguez <oinos at web.de>:
>>
>> Yes, you are right, but actually the TLContrib page describes the
>> following situations:
>>
>> it is not free software according to the FSF guidelines;
>> it is an executable update;
>> it is not available on CTAN;
>> it is an intermediate release for testing.
>>
>> Of course, for movie15 and media9 only option 1 applies.
>
> movie15 and media9 are definitely free according to FSF.
>
>
> BTW, the narrow interpretation of what is free definitely disqualifies
> all software as it requires computer to run and computers are not
> free.
>
IMHO we should promote using TeX, not discourage it. If we say, if you
would like to use all power of PDF, do not do it in TL because you
currently need AR for rendering the PDF file. AR is not free according
to FSF, thus packages generating such a code cannot be in TL because
no one dared to make a free implementation of a PDF viewer capable to
conform to the whole standard. You should rather use M$ Word because
you are not required to install anything, you just drag it by mouse
and it will hopefully work. I do not consider it good precedence.
Saying that AR is vulnerable is not a good argument either. The same
holds for ghostscript. If it is not run with -dSAFER (and you never
know how it is configured on a user's machine), malicious PS can
damage a computer. Such a code can be generated by TeX + dvips. Will
you consider removal of dvips because it can generate malicious PS
files?
If pdftex or xetex is available as a web service and users are allowed
to insert arbitrary TeX code, this small file can reveal an
information useful for attackers unless the default TL configuration
is modified:
\documentclass{article}
\begin{document}\tt\obeylines
\input /etc/passwd
\end{document}
>
>>
>> Just in case it helps,
>
>
>
> --
> ========================
> Victor Ivrii, Professor, Department of Mathematics, University of Toronto
> http://www.math.toronto.edu/ivrii
>
--
Zdeněk Wagner
http://hroch486.icpf.cas.cz/wagner/
http://icebearsoft.euweb.cz
More information about the tex-live
mailing list