On Thu, Aug 13, 2009 at 10:21 AM, Simon King<simon.k...@nuigalway.ie> wrote:
>
> Hi William,
>
> On Aug 13, 5:25 pm, William Stein <wst...@gmail.com> wrote:
>> On Thu, Aug 13, 2009 at 8:25 AM, Simon King<simon.k...@nuigalway.ie> wrote:
> ...
>> Wow, so when I read a random pdf off the web and click on it, then it
>> could run a shell command, e.g., "rm -rf $HOME"?
>
> My boss just gave me some details.
>
> In fact, the book comprises a pdf file *plus* certain shell scripts,
> say run_ex_1.sh
>
> In the latex file, he has commands like
> \href{run:path/to/run_ex_1.sh}{Example 1}
>
> This would result in the text "Example 1", which you could click. If
> you do, you would first be asked whether you want to execute that
> script or not. I don't know if this would work on any platform
> (probably not).
>
> After all, the scripts shipped with the book could contain evil
> commands, so you have to decide whether you want to trust my boss :-)
>
> But I think you could do nasty things on shell level with a Sage
> worksheet as well, couldn't you?
Yes, if it is running on the user's computer. If it is running on a
web page though, e.g., http://sagenb.org, then no, you definitely
can't do nasty shell level stuff on the user's computer.
William
--~--~---------~--~----~------------~-------~--~----~
To post to this group, send an email to sage-devel@googlegroups.com
To unsubscribe from this group, send an email to
sage-devel-unsubscr...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/sage-devel
URLs: http://www.sagemath.org
-~----------~----~----~----~------~----~------~--~---
