Re: #10481: Hardening LyX against potential misuse
Le 15/12/16 à 21:13, Tommaso Cucinotta a écrit : On 13/12/2016 11:25, Helge Hafting wrote: that's why I'm looking into AppArmor instead, which is essentially a Seems like a good thing - especially the ability to prevent networking. No network - no LyX-based virus at least. we need both, file-system confinement and no networking, otherwise e.g., an R script in a LyX doc might overwrite ~/.Rprofile, which might getexecuted next time the user runs R independently (outside of LyX, where it's not confined). On the other hand, allowing only to read ~/.Rprofile (without writing) seems useful and not harmful. So allow read-only of everything and read/write in the temp file. JMarc
Re: #10481: Hardening LyX against potential misuse
On 13/12/2016 11:25, Helge Hafting wrote: that's why I'm looking into AppArmor instead, which is essentially a Seems like a good thing - especially the ability to prevent networking. No network - no LyX-based virus at least. we need both, file-system confinement and no networking, otherwise e.g., an R script in a LyX doc might overwrite ~/.Rprofile, which might getexecuted next time the user runs R independently (outside of LyX, where it's not confined). On the other hand, allowing only to read ~/.Rprofile (without writing) seems useful and not harmful. About chroot-ing, albeit seems doable to copy what a converter needs in the restricted root, eg, ldd gives you what dynlibs are needed, the problem stays with additional data the program might need, plus you need additional privileges to chroot(), overall making the chroot() way quite impractical [ we don't want to have any suid exe in lyx, do we :-) ? ] T.
Re: use cfrac.sty in lib/unicodesymbols?
On 16/12/2016 5:15 a.m., Guenter Milde wrote: Dear LyX developers, To fix the 8 years old bug http://www.lyx.org/trac/ticket/5220 "different conversion of vulgar fraction unicode chars", I recommend using \sfrac from the xfrac package. The xfrac.sty package (http://www.ctan.org/pkg/xfrac) from the LaTeX 3 team exists since 2004 and is under active development. It was too new for consideration 8 years ago but nowadays this should no longer be a problem. It is the best current praxis (part of "texlive-latex-recommended" in Debian) and works for different fonts, is configurable and well documented. The examples http://www.lyx.org/trac/raw-attachment/ticket/5220/vulgar-fractions4.pdf and http://www.lyx.org/trac/raw-attachment/ticket/5220/vulgar-fractions4-times.pdf show the problem with the current setup and what can be achieved with cfrac. +1 good looking, consistent output for fraction-characters (¼ ½ ⅚ ℀ ℁ ⅍) using the state-of-the-art package. -1 additional dependency. I see already the mhchem package under Help > LaTeX Configuration. This uses packages from the l3kernel bundle (expl3), the l3packages bundle (l3keys2e) and the l3experimental bundle (l3regex). xfrac.sty is part of the l3packages bundle. Andrew Objections? Günter --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
Re: french quotes (was: problems with quotes)
Am Donnerstag, den 15.12.2016, 13:13 + schrieb Guenter Milde: > How about the following patch that simplifies the code a bit by using > the > same characters for text, docbook and html export? > Tested and works here. I'll let the docbook/xhtml folks decide on this. Jürgen signature.asc Description: This is a digitally signed message part
use cfrac.sty in lib/unicodesymbols?
Dear LyX developers, To fix the 8 years old bug http://www.lyx.org/trac/ticket/5220 "different conversion of vulgar fraction unicode chars", I recommend using \sfrac from the xfrac package. The xfrac.sty package (http://www.ctan.org/pkg/xfrac) from the LaTeX 3 team exists since 2004 and is under active development. It was too new for consideration 8 years ago but nowadays this should no longer be a problem. It is the best current praxis (part of "texlive-latex-recommended" in Debian) and works for different fonts, is configurable and well documented. The examples http://www.lyx.org/trac/raw-attachment/ticket/5220/vulgar-fractions4.pdf and http://www.lyx.org/trac/raw-attachment/ticket/5220/vulgar-fractions4-times.pdf show the problem with the current setup and what can be achieved with cfrac. +1 good looking, consistent output for fraction-characters (¼ ½ ⅚ ℀ ℁ ⅍) using the state-of-the-art package. -1 additional dependency. Objections? Günter
Re: french quotes (was: problems with quotes)
On 2016-12-15, Jürgen Spitzmüller wrote:
...
> OK, I removed that spacing in master. Let's see what happens.
Thank you.
How about the following patch that simplifies the code a bit by using the
same characters for text, docbook and html export?
Tested and works here.
With your recent work on macro termination, a similar unification could be
applied to LaTeX export (using latex_quote_noligatures generally).
Then, future extensions like adding new styles for straight and italean
quotes become a bit simpler.
frohe Adventsgrüße,
Günter
Exec: git 'diff' 'InsetQuotes.cpp' 2>&1
Dir: /usr/local/src/lyx/src/insets/
diff --git a/src/insets/InsetQuotes.cpp b/src/insets/InsetQuotes.cpp
index 49bb00b..3244647 100644
--- a/src/insets/InsetQuotes.cpp
+++ b/src/insets/InsetQuotes.cpp
@@ -97,12 +97,6 @@ char const * const latex_quote_babel[2][5] = {
{ "\\glqq", "''", "``", "\\flqq", "\\frqq" }
};
-char const * const html_quote[2][5] = {
- { "", "", "",
- "", "" },
- { "", "", "", "", "" }
-};
-
} // namespace anon
@@ -207,10 +201,11 @@ docstring InsetQuotes::displayString() const
docstring retdisp = docstring(1, display_quote_char[times_][index]);
// in French, thin spaces are added inside double guillemets
- // FIXME: this should be done by a separate quote type.
+ // FIXME: should this be done by a separate quote type?
if (prefixIs(context_lang_, "fr")
&& times_ == DoubleQuotes && language_ == FrenchQuotes) {
- // THIN SPACE (U+2009)
+ // FIXME: also for single quotes (like LuaTeX)
+ // FIXME: THIN SPACE (U+2009) or narrow no-break space (U+202F)
char_type const thin_space = 0x2009;
if (side_ == LeftQuote)
retdisp += thin_space;
@@ -325,7 +320,7 @@ void InsetQuotes::latex(otexstream & os, OutputParams const
& runparams) const
}
-int InsetQuotes::plaintext(odocstringstream & os,
+int InsetQuotes::plaintext(odocstringstream & os,
OutputParams const &, size_t) const
{
docstring const str = displayString();
@@ -334,34 +329,16 @@ int InsetQuotes::plaintext(odocstringstream & os,
}
-docstring InsetQuotes::getQuoteEntity() const {
- const int quoteind = quote_index[side_][language_];
- docstring res = from_ascii(html_quote[times_][quoteind]);
- // in French, thin spaces are added inside double guillemets
- // FIXME: this should be done by a separate quote type.
- if (prefixIs(context_lang_, "fr")
- && times_ == DoubleQuotes && language_ == FrenchQuotes) {
- // THIN SPACE (U+2009)
- docstring const thin_space = from_ascii("");
- if (side_ == LeftQuote)
- res += thin_space;
- else
- res = thin_space + res;
- }
- return res;
-}
-
-
int InsetQuotes::docbook(odocstream & os, OutputParams const &) const
{
- os << getQuoteEntity();
+ os << displayString();
return 0;
}
docstring InsetQuotes::xhtml(XHTMLStream & xs, OutputParams const &) const
{
- xs << XHTMLStream::ESCAPE_NONE << getQuoteEntity();
+ xs << XHTMLStream::ESCAPE_NONE << displayString();
return docstring();
}
Re: french quotes
Le 14/12/2016 à 18:27, Guenter Milde a écrit :
The options are mentioned in the Changelog of frenchb.pdf:
v2.0d \frenchbsetup: Options og and fg changed: limit the definition to
French so that quote characters can be used in German.
Unfortunately, there is no date given, but it is more then 4 years at
minimum.
TeXlive 2012 comes with:
\ProvidesLanguage{frenchb}
[2010/08/21 v2.5a French support from the babel system]
So indeed version 2.0d is pretty old.
JMarc
Re: french quotes (was: problems with quotes)
Am Mittwoch, den 14.12.2016, 17:27 + schrieb Guenter Milde: > // the preceding space is important here > // FIXME: really? (doesn't make a difference > // with recent babel-french) > qstr = " \\fg"; > > The first line was an error. It is not important here. "Since ages", > Babel said that ordinary space inside double guillements is optional > -- > babel-french cares for the correct spacing. > > Fixing this would also allow to revert 526b6a4afc285 > (no special " \\fg" case required). OK, I removed that spacing in master. Let's see what happens. Jürgen signature.asc Description: This is a digitally signed message part
