Op maandag 02-02-2009 om 02:21 uur [tijdzone +0100], schreef Johannes Schindelin:
> > > Tim Starling, one of the main wikipeda software developers, says: > > > > > > My understanding is that > > > > > > a) safe mode is not secure, being trivially DoS-able by short > > > infinite loop scripts > > > > As it currently stands, yes. > > > > > b) safe mode will not work for many of the free scores available on > > > the web > I think that was part of the bad research Tim did that really upset me. Yes. So if we get > > Assign two Frogs to the task: > > - one person ensures that lilypond input without **any** scheme > > will always end in a reasonable amount of time. > > - one person modifies --safe. I'm sure that we can whitelist a > > few more commands (IIRC changing the paper size is not "safe"). > > But we'll certainly need to remove much of the more basic stuff. we should probably mention on the wikipedia page that these concerns are being worked on. Why doesn't WikiPedia come to us with questions or bug reports? Jan. -- Jan Nieuwenhuizen <[email protected]> | GNU LilyPond - The music typesetter http://www.xs4all.nl/~jantien | http://www.lilypond.org _______________________________________________ lilypond-devel mailing list [email protected] http://lists.gnu.org/mailman/listinfo/lilypond-devel
