Helge Hafting wrote:
Ouch.
Could this be solved by having LyX refusing to use gnuplot file
containing the "system" command? Or is it much more complicated?
Helge Hafting
Yeah right... If only shell execution can be a security hall (is this
right?), we can comment out the related lines from the source file by
the python script. Anyway the script scans over the source file, doing
so is rather straightforward.
So, how about modifying the gnuplot.py in a way that, if it finds out
the expression "^\s*system" or "^\s*\!", it comments out the related
lines. It may break the consistency of the source, therefore user may
not obtain the correct output, it may be more flexible than stopping the
execution of gnuplot itself. We simply warn users in the help
description, that the gnuplot source may not work correctly if "system"
or "!" lines are included as they will be skipped.
Koji
