On 6/29/11 2:11 AM, Rolf wrote:
This is very strange.
There is something hidden in Seberino's worksheets that prevents them
from being executed automatically.
First I thought it is the comment added above the first cell. But his
new example demonstrates that this is obvious not core of the problem.
Both his example woksheets don't work on my system either, but if I
transfer all that is visible to a new worksheets the code works
perfectly.
Unfortunately, it is impossible to debug a worksheet or to read it
'manually' as a text file.
I wonder if it is possible to send viruses by worksheets?
I'm sure this is possible. For example, it would be trivial to write a
worksheet that does 'rm -rf $HOME' inside an autoexecute cell. If that
worksheet was downloaded and opened on a user's local computer, it would
be very bad.
As worksheets may contain hidden information, can be automatically
executed, and cannot be read as a simple text file, all this raises
grave security concerns.
One thing we should provide is an "open and don't execute any %auto
cells". I think that should allow you to inspect the code before
running it. Great idea. In fact, when a worksheet is uploaded, it
probably should have a 'don't execute' bit set. Before any cells are
executed, a warning box is popped up, like happens in OSX, for example,
telling the user that it is a new worksheet and are they sure they want
to execute things from it.
Can you file a google issue for this on the sage notebook code site?
Jason
--
To post to this group, send an email to [email protected]
To unsubscribe from this group, send an email to
[email protected]
For more options, visit this group at http://groups.google.com/group/sage-devel
URL: http://www.sagemath.org
