Thanks, -dsafe looks like the simplest to use but 'In addition, safe mode disallows \include' which I need to use the symbol file. Is it sufficient to concatenate the symbol file at the beginning of the user code?
On 15 April 2018 at 11:45, Malte Meyn <[email protected]> wrote: > > > Am 15.04.2018 um 12:41 schrieb Robert Hickman: > >> Second thought: (see my previous, sorry about double posting). >> >> What are the risks of integrating lillypond into a CMS from a security >> perspective, does it allow you to run shell commands for instance? I will >> not be exposing this publicly, just to the admin interface only I use. I >> like to know what exploits anything I use could expose howeaver. >> > > Have a look at the options --jail and -dsafe at > http://lilypond.org/doc/v2.19/Documentation/usage-big-page.html > > _______________________________________________ > lilypond-user mailing list > [email protected] > https://lists.gnu.org/mailman/listinfo/lilypond-user >
_______________________________________________ lilypond-user mailing list [email protected] https://lists.gnu.org/mailman/listinfo/lilypond-user
