/var/cache/fonts is world writable since tex needs this to create font cache. Having such a directory world writable can be a security risk. This can be solved simply creating a group "texusers", and giving write access to /var/cache/fonts only to that group. The only downside would be that users that need to use tex (and willing to use font cache feature) would be required to belong such a group. Reproducible: Always
I don't see anything in tetex stuff that'd create that dir world writable...
this is done in texmf-update, this is a known one, there are docs in kpathsea about it that says the "security" risk is very low. There are other issues aswell. see: http://groups.google.com/group/linux.gentoo.dev/browse_thread/thread/bf2e58fe200c0676/b72be3596cd2eb31
(In reply to comment #2) > this is done in texmf-update, this is a known one forced /var/cache/fonts to be world writable will be dropped from texlive 2008 > There are other issues aswell. which should all be fixed by now
(In reply to comment #3) > (In reply to comment #2) > > this is done in texmf-update, this is a known one > > forced /var/cache/fonts to be world writable will be dropped from texlive 2008 now tl2008 is in the tree, still masked though, let's close this one anyway so that I can keep track easily of unfixed bugs.