On Fri, May 09, 2008 at 04:40:01PM +0200, Andre Poenitz wrote: > On Thu, May 08, 2008 at 06:13:45PM -0400, rgheck wrote: > > by making additional uses of the path information we're wrongly storing. > > Right now, that information is used only to locate the file we need. On > > your proposal, it would also be used for something else, namely, update > > from external file, etc. But it does not seem to *need* to be used for the > > update business, since we have the session-based alternative. > > Another idea: > > We can call the embedded files foo1.png, foo2.pdf etc, embed it using > these fake names and have the mapping to actual locations in the > filesystem in an additional binary blob that's cryptographically > protected. > > So viewing the .lyx, creating a .pdf from it etc would continue to work, > but any interaction with the original locations would only be possible > for the people having the key.
Taken further: There could even be several such mappings for different contexts (machines, users, "jail") Andre'
