On Mon, May 29, 2017 at 05:53:08PM -0400, Scott Kostyshak wrote:
> It is a not-so-rare situation that the user needs to add -shell-escape as an
> option to the LaTeX converter that is being used, in order to compile a
> document.
>
> We can't ship documents that compile out-of-the-box without the user
> doing the dance of figuring out how to add the option. The average user
> does not feel comfortable modifying converter options, and further they
> need to (or at least should) remember to remove the option after they
> are done compiling a document.
>
> It would be nice to make the process of temporarily using -shell-escape
> more user-friendly.
>
> One solution is to add a set of converters, one for each LaTeX flavor,
> and then to specify the "needauth" flag for those converters. It would
> be unfortunate to have
>
> LaTeX (pdflatex) (shell-escape) -> PDF (pdflatex-se)
>
> as a completely different converter from
>
> LaTeX (pdflatex-shell-escape) -> PDF (pdflatex)
>
> An alternative is to recognize that really this should be a document
> setting. We could have a document option "shell-escape" (or a more
> user-friendly name) in Document > Settings > Formats, which does the
> following if checked: If an export is chosen that uses a LaTeX
> converter, -shell-escape is added to the options.
> Of course, for this approach we need to be careful. A malicious user
> could just set the document setting and then do bad stuff. So LyX
> would need to confirm once that the user trusts the document (using
> the needauth framework?).
>
> Any thoughts?
Here is a proposal not relying on the needauth machinery.
When a document needs to be processed with the -shell-escape option,
the user should edit the proper converter to add that option.
Thus, this option remains valid for all documents that are processed
from here on, not only for the one that actually needs it.
It may also happen that the user forgets to remove the -shell-escape
option, with all security risks that this entails.
The attached patch adds a new toolbar button that enables the -shell-escape
option only for the document needing it. All other documents that
are processed in the same session are not affected. When the user
finishes his work and closes the document, the status of the toolbar
button is reset. This status is not saved in the document, so that
next time the document is reloaded, the toolbar button has to be checked
again.
This avoids the risk that a malicious document can do any harm, as
without checking the toolbar button, nothing can happen.
Also find attached an icon for the button, to be placed in lib/images.
--
Enrico
diff --git a/lib/ui/stdtoolbars.inc b/lib/ui/stdtoolbars.inc
index 9da37ecf75..794325665a 100644
--- a/lib/ui/stdtoolbars.inc
+++ b/lib/ui/stdtoolbars.inc
@@ -103,6 +103,7 @@ ToolbarSet
Item "Update" "buffer-update"
Item "View master document" "master-buffer-view"
Item "Update master document" "master-buffer-update"
+ Item "Allow running external programs"
"buffer-toggle-shell-escape"
Item "Enable Forward/Reverse Search" "buffer-toggle-output-sync"
Separator
StickyPopupMenu "view-others" "View other formats"
diff --git a/src/Buffer.cpp b/src/Buffer.cpp
index 61b89200c1..0bdbe176d4 100644
--- a/src/Buffer.cpp
+++ b/src/Buffer.cpp
@@ -2613,6 +2613,11 @@ bool Buffer::getStatus(FuncRequest const & cmd,
FuncStatus & flag)
break;
}
+ case LFUN_BUFFER_TOGGLE_SHELL_ESCAPE: {
+ flag.setOnOff(params().shell_escape);
+ break;
+ }
+
case LFUN_BUFFER_TOGGLE_OUTPUT_SYNC: {
flag.setOnOff(params().output_sync);
break;
@@ -2888,6 +2893,10 @@ void Buffer::dispatch(FuncRequest const & func,
DispatchResult & dr)
params().compressed = !params().compressed;
break;
+ case LFUN_BUFFER_TOGGLE_SHELL_ESCAPE:
+ params().shell_escape = !params().shell_escape;
+ break;
+
case LFUN_BUFFER_TOGGLE_OUTPUT_SYNC:
undo().recordUndoBufferParams(CursorData());
params().output_sync = !params().output_sync;
diff --git a/src/BufferParams.cpp b/src/BufferParams.cpp
index 38ca643400..8b282171ef 100644
--- a/src/BufferParams.cpp
+++ b/src/BufferParams.cpp
@@ -459,6 +459,7 @@ BufferParams::BufferParams()
html_css_as_file = false;
display_pixel_ratio = 1.0;
+ shell_escape = false;
output_sync = false;
use_refstyle = true;
use_minted = false;
diff --git a/src/BufferParams.h b/src/BufferParams.h
index 9f20ce14c6..aa33b9a61e 100644
--- a/src/BufferParams.h
+++ b/src/BufferParams.h
@@ -535,6 +535,8 @@ public:
std::string html_latex_end;
///
bool html_css_as_file;
+ /// allow the LaTeX backend to run external programs
+ bool shell_escape;
/// generate output usable for reverse/forward search
bool output_sync;
/// custom LaTeX macro from user instead our own
diff --git a/src/Converter.cpp b/src/Converter.cpp
index 6e10b18704..16e489010e 100644
--- a/src/Converter.cpp
+++ b/src/Converter.cpp
@@ -470,6 +470,9 @@ bool Converters::convert(Buffer const * buffer,
command = subst(command, token_from, "");
command = subst(command, token_latex_encoding,
buffer->params().encoding().latexName());
+ if (buffer->params().shell_escape
+ && !contains(command, "-shell-escape"))
+ command += " -shell-escape ";
LYXERR(Debug::FILES, "Running " << command);
if (!runLaTeX(*buffer, command, runparams, errorList))
return false;
diff --git a/src/FuncCode.h b/src/FuncCode.h
index 7949bce41a..33249b4635 100644
--- a/src/FuncCode.h
+++ b/src/FuncCode.h
@@ -473,6 +473,8 @@ enum FuncCode
LFUN_BUFFER_ZOOM, // daniel, 20161028
LFUN_TOOLBAR_MOVABLE, // daniel, 20160712
LFUN_FONT_CROSSOUT, // uwestoehr 20170404
+ LFUN_BUFFER_TOGGLE_SHELL_ESCAPE,// ef 20170618
+ // 370
LFUN_LASTACTION // end of the table
};
diff --git a/src/LyXAction.cpp b/src/LyXAction.cpp
index c068db9bea..2b8b6ecbb4 100644
--- a/src/LyXAction.cpp
+++ b/src/LyXAction.cpp
@@ -780,6 +780,17 @@ void LyXAction::init()
{ LFUN_BUFFER_TOGGLE_COMPRESSION, "buffer-toggle-compression",
Noop, Buffer },
/*!
+ * \var lyx::FuncCode lyx::LFUN_BUFFER_TOGGLE_SHELL_ESCAPE
+ * \li Action: Toggles consent to run external programs by the LaTeX backend.
+ * \li Notion: When toggled on, the -shell-escape option is added to the
+ command that runs a LaTeX backend.
+ * \li Syntax: buffer-toggle-shell-escape
+ * \li Origin: ef, 18 June 2017
+ * \endvar
+ */
+ { LFUN_BUFFER_TOGGLE_SHELL_ESCAPE,
"buffer-toggle-shell-escape", Noop, System },
+
+/*!
* \var lyx::FuncCode lyx::LFUN_BUFFER_TOGGLE_OUTPUT_SYNC
* \li Action: Toggles including of resources for forward/reverse search of
the given document.
* \li Notion: When toggled on, SyncTeX is invoked for PDF, while srcltx
package
