More precisely, I want to run PDFLatex on a server and let it accept arbitrary .tex source files from users, returning the compiled pdf to them. However, obviously this introduces a security threat (most importantly in terms of write access to the server's file system).
I have read this very similar question where the answers hint at performing some changes to texmf.cnf: How can I safely compile other people's LaTeX documents?
But first of all, I am using Miktex (2.9), and it doesn't seem to use a texmf.cnf config file. Where would I perform the described changes in Miktex?
And second of all, I am running a Windows server. Is there anything special to consider in this case?
I am aware that this is a quite open-ended question, and I'm not looking for a definitive answer. I'd just like to avoid the most obvoious risks. So any "creative" ideas (from a hacker's point of view) will be appreciated!
\write18macros... or\pdfshellescape, etc. In MikTeX, these should be disabled by default, unless you enable them. – Steven B. Segletes Sep 01 '15 at 13:26