On Wed, Jul 19, 2017 at 10:58:44AM -0400, Richard Heck wrote: > > Thanks for this, Enrico. Let me just ask one question about it: Is the > mechanism here per-document > or per-document and also per-converter?
This only addresses particular converters, i.e., the latex backends. > That is, suppose there was a > document that contained R > code and minted code. Please, note that this is not specifically aimed at minted. It only allows the latex backend to execute external commands. In case there is R code, it doesn't need this permission and would execute whether or not one allows shell-escape. > Would one be warned about both or would one only > be asked once? If there is a needauth converter involved in a latex run, one would be warned about it independently of whether shell-escape is allowed or not. So, one would be warned first to allow at all the latex run in case shell-escape is allowed, and then would be warned that there is also a dangerous converter to be run. Both warnings can be independently suppressed. So, even if you allowed the dangerous converter, you will be warned about shell-escape, and vice versa. > If the > the latter, how hard would it be to change that? I hope I answered your question. > Oh, maybe another thought: Could clicking the 'warning' icon easily be > used to disable execution? > Just a UI thought there. I don't know how much easily. But this is simply because of my ignorance about Qt. It could be very easy to do that. -- Enrico
