On 23/07/2017 22:08, Christian Ridderström wrote:
> Are the settings that needauth remembers done: a) per document, regardless of converter b) per document-and-converter pair? c) Also per snippet of code?
It's only a), but please keep in mind this is only for those (few) converters tagged with the 'needauth' option in configure.py. The rationale is that trust should be an issue with new docs never seen/compiled earlier only. What would it mean to trust Sweave insets in this doc, but NOT Gnuplot insets? If I don't trust the document, then I should keep the warning every time a potentially harmful converter is attempted to be run. On the other hand, once I'm sure this is the doc I was expecting from my colleague, and I trust him/her, then it will be safe to authorize any converter in that doc.
> E.g., what happens if I'm keeping a document on say a network drive. I put some code in the document and execute it. When asked by needauth the first time, I say "always allow for the document". So the next time I execute the document I'm not asked again. What happens now if someone else modifies the code embedded in the document? Will the permission(s) still be active, so that the document executes the new code? Am I warned in any way?
No further warning happens here: that's to facilitate collaborative editing with colleagues: once I said I trust that pathname, then if I check out (git pull) a change from my colleagues, I don't want to be bugged again and again about risks. On the other hand, if I don't trust the folks I'm co-editing a .lyx doc with (which I assume to be a very very unlikely use-case), then I should never check that box saying "Never ask me again for the same doc". Perhaps a variant could be that, even when I don't say "Never ask me again", if I authorize the use of a converter on a specific .lyx filename, then any further use of the same converter on the same file with the same time-stamp could be allowed without further questions to the user?
> If not, perhaps a future improvement could be to be able to approve specific code snippets to be executed. The user-dir could e.g. contain a hash of code snippets that's approved to be run for a certain document. Or perhaps even for all kinds of documents.
I'd be for keeping track of possible enhancements like this to 'needauth' as individual Trac items, to be linked to http://www.lyx.org/trac/ticket/10481 T.
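To make the three trust scopes discussed in this thread concrete (per document, per document-and-converter with a time-stamp, per snippet hash), here is an added example written for this note. It is not LyX code and does not reflect how needauth is actually stored; the class and function names, the network-drive path and the R snippets are constructed. It walks the scenario from the questions above: the user approves a converter once, then a collaborator edits the embedded code, and we check which scope would prompt again.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed illustration of three possible "needauth" trust scopes.
# None of this is LyX's implementation; it only models the policies
# debated in the thread so their consequences can be compared.


def snippet_hash(code: str) -> str:
    """Content hash used by the per-snippet scope (assumed SHA-256)."""
    return hashlib.sha256(code.encode("utf-8")).hexdigest()


@dataclass
class AuthStore:
    """Remembered approvals, keyed according to the chosen scope.

    scope = "document":        trust the whole file, any converter (thread's option a)
    scope = "document+mtime":  trust file+converter, invalidated when the file changes
    scope = "snippet":         trust file+converter+exact code content
    """
    scope: str
    approved: set = field(default_factory=set)

    def _key(self, path: str, converter: str, mtime: int, code: str) -> tuple:
        if self.scope == "document":
            return (path,)
        if self.scope == "document+mtime":
            return (path, converter, mtime)
        if self.scope == "snippet":
            return (path, converter, snippet_hash(code))
        raise ValueError(f"unknown scope {self.scope!r}")

    def approve(self, path: str, converter: str, mtime: int, code: str) -> None:
        """Record the user's 'allow' answer for the current request."""
        self.approved.add(self._key(path, converter, mtime, code))

    def needs_prompt(self, path: str, converter: str, mtime: int, code: str) -> bool:
        """True when the converter must not run without asking the user again."""
        return self._key(path, converter, mtime, code) not in self.approved


def collaborator_edit_scenario() -> dict:
    """Approve once, then a collaborator changes the embedded code (constructed data)."""
    path = "//netdrive/shared/report.lyx"          # constructed path
    original = "x <- rnorm(10); mean(x)"           # constructed Sweave snippet
    edited = "x <- rnorm(10); median(x)"           # same inset after a colleague's edit
    outcome = {}
    for scope in ("document", "document+mtime", "snippet"):
        store = AuthStore(scope)
        # First run: user is prompted and answers "always allow".
        store.approve(path, "sweave", mtime=1000, code=original)
        # Later run: the file was modified (new mtime) and the code differs.
        outcome[scope] = store.needs_prompt(path, "sweave", mtime=2000, code=edited)
    return outcome


def harmless_resave_scenario() -> dict:
    """Same code, file merely re-saved: which scopes would nag the user again?"""
    path = "//netdrive/shared/report.lyx"
    code = "set terminal png; plot sin(x)"        # constructed Gnuplot snippet
    outcome = {}
    for scope in ("document", "document+mtime", "snippet"):
        store = AuthStore(scope)
        store.approve(path, "gnuplot", mtime=1000, code=code)
        outcome[scope] = store.needs_prompt(path, "gnuplot", mtime=2000, code=code)
    return outcome


if __name__ == "__main__":
    print("collaborator edits snippet -> prompt again?", collaborator_edit_scenario())
    print("file re-saved, code unchanged -> prompt again?", harmless_resave_scenario())
```

The two scenarios show the trade-off in the thread: the per-document scope never re-prompts, so an edited snippet runs silently; the time-stamp scope catches the edit but also nags on every harmless save or `git pull`; hashing the snippet content re-prompts only when the code that will actually execute has changed.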