Graham Percival escreveu:
> As a security measure, I'd like to have a script that checks if a
> lilypond file contains any scheme. Is there any better way than
> searchign for "#(define" ?
>
> I'm not worried about a few false positives (if any non-scheme .ly file
> just happened to have "#(define" in the text somewhere), but could a
> malicious person add whitespace and have "#( define" ? If so, is there
> a way to search for such a whitespace-including string in python?
I'd search for the regex "#[ \t\n]*("
(define )
is not what you should worry about, but rather the other calls, such as
#(system "rm -rf /")
--
Han-Wen Nienhuys - [EMAIL PROTECTED] - http://www.xs4all.nl/~hanwen
LilyPond Software Design
-- Code for Music Notation
http://www.lilypond-design.com
_______________________________________________
lilypond-devel mailing list
lilypond-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/lilypond-devel
