55874 – Bad defaults in /usr/bin/texdoc

Bug 55874 - Bad defaults in /usr/bin/texdoc

Summary: Bad defaults in /usr/bin/texdoc

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	tetex
Sub Component:
Version:	7.2
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tim Waugh
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-11-08 02:22 UTC by Michal Jaegermann
Modified:	2007-04-18 16:38 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-11-09 11:50:39 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2001:166	0	normal	SHIPPED_LIVE	Updated teTeX packages available	2001-12-11 05:00:00 UTC

Description Michal Jaegermann 2001-11-08 02:22:28 UTC

Description of Problem:

In 'texdoc' script one can find:
: ${TEXDOCVIEW_dvi='xdvi %s &'}
: ${TEXDOCVIEW_pdf='acroread %s &'}
: ${TEXDOCVIEW_ps='ghostview %s &'}
: ${TEXDOCVIEW_html='netscape %s &'}
: ${TEXDOCVIEW_txt="${PAGER-more} %s"}

'acroread' may not even exist for a given platform, and if it
exists nobody says that it will be installed, and this should be
rather 'xpdf'.

'ghostview' is a link, so this is ok, but 'netscape' may become
"iffy" over time.  In any case '-remote' likely should be tried first
to open a page in an already running browser.  Maybe some informative
message should be printed, indicating a possibilty to override a viewer
choice with environment variables, if a requested one does not exist?


Version-Release number of selected component (if applicable):
tetex-1.0.7-30 but the same goes for current tetex from rawhide.

Comment 1 Tim Waugh 2001-11-08 15:18:24 UTC

*shudder*: viewer=`eval echo $viewer | sed -e "s|%s|$filename|g"`

Yes, those defaults are bad on a Red Hat Linux system.  How about these?:

: ${TEXDOCVIEW_dvi='xdvi %s &'}
: ${TEXDOCVIEW_pdf='xpdf %s &'}
: ${TEXDOCVIEW_ps='ghostview %s &'}
if [ -x /usr/bin/mozilla ]
then
        : ${TEXDOCVIEW_html='mozilla %s &'}
else
        : ${TEXDOCVIEW_html='netscape %s &'}
fi
: ${TEXDOCVIEW_txt="${PAGER-more} %s"}

I'm not going to put a whole script in there.  The string replacement hack is 
broken enough, without inviting trouble. (See 
http://cyberelk.net/tim/articles/cmdline)

Comment 2 Michal Jaegermann 2001-11-08 16:17:21 UTC

> *shudder*: viewer=`eval echo $viewer | sed -e "s|%s|$filename|g"`

I agree with your reaction. :-)  Likely it is not a security threat because
it executes under a user id anyway.  I miss what is the real role of eval here.
But how about something like this instead:

  viewer=$( printf "$viewer" "$filename" )

At least you will make %s useful. :-)

> How about these?

Maybe you should start with a check for galeon first?  It is quite a bit
lighter than both mozilla and netscape.  It will also automatically
reuse an existing running process.  With netscape and mozilla you would
have to use '-remote' flag for that and, at least with netscape, it does
not have an automatic failover to a new process.  Sigh!  One has to do
something of that sort:

  - set 'remote=yes' if viewer is 'netscape -remote ....' or similar
  - do something like this
    if [ "$remote" ] ; then
     if $viewer >/dev/null 2>&1 ; then
         exit 0;  # we managed to hook up to a running browser
     else
        viewer=...  # drop '-remote' flag
     fi
    fi
    # .... continue as usual

If you do not want to play with that I will not blame you but "galeon first"
would be simple and nice.

Comment 3 Tim Waugh 2001-11-12 22:27:14 UTC

Fixed in tetex-1.0.7-36.3.

Note You need to log in before you can comment on or make changes to this bug.