On 23/07/2017 22:08, Christian Ridderström wrote:
Are the settings that needauth remember done:
a) per document, regardless of converter
b) per document-and-converter pair?
c) Also per snippet of code?
it's only a), but pls keep in mind this is only for those (few) converters
tagged with the
On Tue, Jul 25, 2017 at 12:13:05AM +0200, Tommaso Cucinotta wrote:
> On 18/07/2017 00:49, Guillaume MM wrote:
> > (Another one is if the path is ~/Download/new1.lyx and you happen to
> > have given permanent permissions for a file with the same path three
> > years earlier, deleted and forgotten
On 18/07/2017 00:49, Guillaume MM wrote:
(Another one is if the path is ~/Download/new1.lyx and you happen to
have given permanent permissions for a file with the same path three
years earlier, deleted and forgotten about since...)
there's been discussion during the needauth development about
On 18 July 2017 at 09:06, Scott Kostyshak wrote:
> On Mon, Jul 17, 2017 at 11:53:38PM +0200, Christian Ridderström wrote:
>
>> A) In LyX 2.2.x, if I open the document, no "converters" are executed. But
>> when I attempt to generate the PDF, the document could via e.g. 'R'
On Mon, Jul 17, 2017 at 11:53:38PM +0200, Christian Ridderström wrote:
> A) In LyX 2.2.x, if I open the document, no "converters" are executed. But
> when I attempt to generate the PDF, the document could via e.g. 'R' execute
> arbitrary code on my computer, as if it were my user account. And
Le 17/07/2017 à 23:53, Christian Ridderström a écrit :
Hi,
I've gotten lots of information from Enrico and Guillaume related to the
security "gap", but I'd like to boil it down to simpler questions to
make the situation clear to me.
Assume that I've gotten a LyX document by e-mail. It was