On 04/11/2016 at 10:22, Tommaso Cucinotta wrote:
> Guess one could try to filter out execution of external commands before sending them to gnuplot, within the gnuplot2pdf.py, but that might limit functionality (should catch the !cmd syntax, but also the plot "< cmd" syntax, with the latter one being one of my common use-cases :-) ).
I am sure that such a filter could be worked around.
> On a related note, you can already execute external scripts from LaTeX through \write18{...} or \input{|command...}, albeit that seems to need an explicit -shell-escape on the command line to LaTeX in order to enable the feature. Also, I guess that integration of external materials suffers from similar security risks.
Another big hole is Sweave/knitr.
> Are we sure a bomb-virus .lyx file is not already possible with the LyX features available nowadays :-) ?
The solution is probably to mark some converters or templates as "dangerous" and show warnings to the user the first time they are used (maybe on a per document basis).
JMarc