From 70f57c08e38c62a099bf3e219da08e537ad72ced Mon Sep 17 00:00:00 2001 From: Hans Hagen Date: Mon, 14 May 2012 09:19:00 +0200 Subject: beta 2012.05.14 09:19 --- web2c/contextcnf.lua | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) (limited to 'web2c') diff --git a/web2c/contextcnf.lua b/web2c/contextcnf.lua index b89b7d34d..fe88bef1c 100644 --- a/web2c/contextcnf.lua +++ b/web2c/contextcnf.lua @@ -109,6 +109,39 @@ return { FONTCONFIG_FILE = "fonts.conf", FONTCONFIG_PATH = "$TEXMFSYSTEM/fonts/conf", + limiters = { + input = { + -- any = { + -- { "permit", "*" }, + -- }, + -- restricted = { + -- { "permit", "*" }, + -- }, + paranoid = { + { "permit", "^[^/]+$" }, + { "permit", "^./" }, + { "forbid", ".." }, + { "tree" , "TEXMF" }, + -- { "tree" , "MPINPUTS" }, + -- { "tree" , "TEXINPUTS" }, + { "forbid", "^/.." }, + { "forbid", "^[a-c]:/.." }, + }, + }, + output = { + -- any = { + -- { "permit", "*" }, + -- }, + -- restricted = { + -- { "permit", "*" }, + -- }, + paranoid = { + { "permit", "^[^/]+$" }, + { "permit", "^./" }, + }, + } + }, + }, -- We have a few reserved subtables. These control runtime behaviour. The @@ -141,8 +174,8 @@ return { -- The io modes are similar to the traditional ones. Possible values -- are all, paranoid and restricted. - ["system.outputmode"] = "restricted", - ["system.inputmode"] = "any", + -- ["system.outputmode"] = "restricted", + -- ["system.inputmode"] = "any", -- The following variable is under consideration. We do have protection -- mechanims but it's not enabled by default. -- cgit v1.2.3