Bo Peng wrote:
I'd simply drop that feature. There is no proper solution possible.
Actually, when I think about it...
Suppose I bundle a file with relative path
"../../../../../../../../../etc/passwd"
and open that file with root permissions in LyX.
If you sys admin does this, you should immediately fire him. :-)
Anyway, you got your point and I agree that it is a sensible policy to
never write outside of the document directory. That is to say, we keep
everything we currently have, but when someone tries to unbundle some
file to a directory outside of the document directory, we disallow
extraction of the file or ask the user to extract to the document
directory. In this way
1. Arbitrary files can be embedded, this allows users to keep their
own document directory structure.
I guess I don't see this, quite. Sure, you can specify the the distant
file when you choose it, but once it is embedded, the distant file has
nothing to do with it. It can only be extracted to a subdirectory (if
you're still doing a general unbundling, as opposed to selective
unbundling, as Andre suggested). So you might as well have copied it to
that location for them.
That isn't an objection.
Richard
