> That means: There only is a real and severe security problem if
> lilypond-invoke-editor is installed to handle non-textedit URIs.
>
> Does anybody do that? Probably not.
>
> I think we simply should nuke run-browser and do nothing
> if lilypond-invoke-editor is called with a non-textedit URI.

Disclaimer: I don't use lilypond-invoke-editor. In fact, I don't use
lilypond at all.

The documentation [1] claims that this is the intended usage:

> The program ‘lilypond-invoke-editor’ is a small helper program. It
> will invoke an editor for the special textedit URIs, and run a web
> browser for others. It tests the environment variable EDITOR for the
> following patterns,

I'm not sure if it's easy to configure per-URI-scheme handlers in many
PDF readers. At least in some cases, the option to use
lilypond-invoke-editor as a generic handler is probably the easiest one.

For reference, this can be fixed (on non-Windows) with something like:

    (define (run-browser uri)
      (let ((browser (if (getenv "BROWSER")
                         (getenv "BROWSER")
                         "firefox")))
        (execlp browser browser uri)))

I guess this fix won't work on Windows. Maybe system* would work?

[1] http://lilypond.org/doc/v2.18/Documentation/usage/configuring-the-system-for-point-and-click.html

-- 
Gabriel
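
Added example, not part of the message above and not LilyPond's own code: a Guile sketch of run-browser built on system*, the call the message asks about, which like execlp hands the URI to the browser as a single argv entry. It also checks the URI scheme first, so a string that is not a URI is never passed to the browser's command line. The allowed-schemes list and the helper names uri-scheme and safe-browser-uri? are assumptions made for illustration; behaviour on Windows is not checked here.

```scheme
;; Added example (assumption-labelled), Guile Scheme.

;; Assumption: the only schemes worth forwarding to a web browser.
(define allowed-schemes '("http" "https" "file"))

;; Return the lower-cased scheme of URI, or #f if it has none.
(define (uri-scheme uri)
  (let ((colon (string-index uri #\:)))
    (and colon
         (> colon 0)
         (string-downcase (substring uri 0 colon)))))

;; #t only for URIs with an allowed scheme and no whitespace or
;; control characters.  Requiring a scheme at the start of the string
;; also rejects input beginning with "-", which a browser would
;; otherwise read as a command-line option.
(define (safe-browser-uri? uri)
  (let ((scheme (uri-scheme uri)))
    (and scheme
         (member scheme allowed-schemes)
         (not (string-any char-set:whitespace uri))
         (not (string-any char-set:iso-control uri))
         #t)))

;; Launch the browser without a shell; return its exit status,
;; or 1 when the URI is refused.
(define (run-browser uri)
  (let ((browser (or (getenv "BROWSER") "firefox")))
    (if (safe-browser-uri? uri)
        ;; system* passes each argument as one argv entry.
        (status:exit-val (system* browser uri))
        (begin
          (format (current-error-port) "refusing to open URI: ~s\n" uri)
          1))))

;; Constructed sample inputs (not from the page); only the check is
;; exercised here, no browser is started.
(for-each
 (lambda (uri)
   (format #t "~s -> ~a\n" uri
           (if (safe-browser-uri? uri) "open" "refuse")))
 '("https://lilypond.org/"
   "--some-option=value"
   "javascript:alert(1)"
   "http://example.org/a b"))
```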