Am Sonntag, 30. Juli 2017 um 23:15:53, schrieb Enrico Forestieri <for...@lyx.org> > On Sun, Jul 30, 2017 at 02:27:02PM +0200, Kornel Benko wrote: > > > > Testing the patch shell-escape-auth-5.diff, there is 1 issue from my side: > > The session entry is totally ignored if using 'lyx -E', therefore I'd prefer > > to save the entries in some other file (for instance "session.shellEscape"), > > which could be loaded unconditionally. > > I am wondering whether it is better this way, security wise.
Well, it is easier to use this for tests. The way I test now is to add
-shell-escape to _all_ latex converter.
> When you
> export from command line you don't get any clue that latex is allowed
> to run external programs.
For this we have to know which lyx file will need it.
Doable, but would also need extra info somewhere else.
> Perhaps a further line command option could
> be introduced, say --shell-escape, that in this case would be an explicit
> consent. This option would be effective only for batch jobs and ignored
> in normal operation.
>
Not in my reach ATM. I try to make the tests for existing lyx.
Kornel
signature.asc
Description: This is a digitally signed message part.
