On Sat, Oct 27, 2018 at 3:36 PM Edward K. Ream <[email protected]> wrote:
> Leo itself, not LeoWapp, has a serious security problem. *Unknown .leo > files are potentially deadly! * > #1006 <https://github.com/leo-editor/leo-editor/issues/1006> suggests that Leo should allow @button and @command scripts only from .leo files in trusted directories. Imo, this is likely a complete solution, provided that users don't do something stupid like adding their download folder to this list! Edward -- You received this message because you are subscribed to the Google Groups "leo-editor" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/leo-editor. For more options, visit https://groups.google.com/d/optout.
