On Thu, Aug 10, 2017 at 05:37:33PM +0200, Tommaso Cucinotta wrote: > > - the UI visible red icon is fantastic :-)! guess we can re-use it when the > user authorized needauth converters for the currently open doc;
Probably. The tooltip could be used to differentiate the usage. > - the shell-escape would resemble needauth (and perhaps share some -- or even > all -- of the security prefs) if: > - the document contained a settings requiring the use of shell-escape for > its correct formatting/conversion; I am not sure what you mean here. It is a design decision that no document can have shell-escape automatically turned on. In this way you can download whatever doc and compile it without fear of any security risk. > - we had a preference option that forbids shell-escape altogether This is different from the needauth case. As regards dangerous converters, you have them automatically configured, so that forbidding needauth by default is necessary to avoid their use. Instead, the user has to willingly turn on the shell-escape feature, so that forbidding it altogether is senseless. > - [optional] we had a preference option that allows it always I don't follow you here. It is allowed if the user turns it on. It cannot be automatically turned on, so I don't understand what you mean. -- Enrico
