Le 23/07/2017 à 20:45, Christian Ridderström a écrit :
Bah, I again e-mailed only Guillaume and not the list.
On 19 July 2017 at 00:00, Guillaume MM <g...@lyx.org> wrote:
I find that it would be more cumbersome and error-prone than a good
needauth implementation.
cumbersome:
Do you refer to using two user dirs, or perhaps having to (once?)
modify the parameter of the converter settings?
Or do you mean having two LyX windows open at the same time?
All of that. Also that, when running in unsafe mode, you have to assume
that everything is unsafe. So this unsafe mode it is still less safe
than a good needauth implementation.
error-prone:
Do you mean that you'll open the doc^H^H^Hprogram [*] in normal mode
and when you try to build it fails?
Or do you think it'd be difficult to set this thing up?
That one.
If I understand, what you want is visibility
and revokability, which people already seem to agree are desirable
improvements to make to needauth (a red status bar thingy).
Yes, visibility that I'm operating in an unusual/non-default and
potentially dangerous mode.
Revokability.... I'd rather say isolation/separation.
By isolation/separation, what do you mean? Is it different from
visibility (being able to tell whether things are safe)?
Besides wanting to allow the use of shell-escape only for a limited
set of documents (i.e. documents), I would likely also only want to
allow shell-escape when I want to run the program.
It makes sense that an option in the command line could disable needauth
entirely. It is becoming hard to track all the suggestions so if you are
interested in this I suggest filing enhancement reports / the wiki page.
Anyway, I think we should strive to allow a design where shell-escape
is not needed. And this topic is about a fallback when shell-escape is
necessary.
+1
