2010/1/28 John Mandereau <john.mander...@gmail.com> > Le jeudi 28 janvier 2010 à 15:48 +0100, Oscar van Dillen a écrit : > > " You can install and use this extension in your wiki, but it is > currently > > not available in Wikipedia. Many people would love to use this extension > > in Wikipedia and other large-footprint wikis that they have no control > > over. However, in its current form, this is unfortunately impossible due > > to security concerns. > > This is not a reason not to support LilyPond processing as a option that > is switchable by a configuration file accessible only to the website > administrator, which would be disabled by default. > > > > is this correct, that lilypond has this "security issue" as stated; > > and is it possible " to make the program hang indefinitely"? > > Adding to Kieren's example, think that LilyPond user interface is a > programming language, so it is hard to avoid these problems, that's the > workaround that consists of limiting CPU and memory usage is > recommended. Even with normal use of such an extension, you need much > CPU power and free memory, which is surely not available on many servers > running MediaWiki. > > Best, > John >
thank you kieren and john, things have become much more clear to me after this thread so far. i will ponder on how to perhaps make it run a bit more safely on my website, and keep on using it, as lilypond is relatively userfriendly, very powerful, and essential there :-) fyi to the pediapress people i wrote, to conclude ticket #775 i mentioned earlier: "still, in my humble opinion, not including lilypond in the pdf rendering extension:collection is a missed chance for pediapress as well, since to me it seems to concern its field of business, and a possible venture into a whole new field: open source music printing. but i will not push the issue further at this point (and leave this ticket closed). i think however pediapress is missing out on an opportunity, but this is also a matter of choices of priority, and we may vary in this of course. i personally believe it would be more than worth the efforts to tackle this" all the best, oscar -- oscarvandil...@gmail.com www.oscarvandillen.com ****************** The information contained in this message is confidential and may be legally privileged. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, dissemination, or reproduction is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. Although this message and any attachments are believed to be free of viruses, no responsibility can be accepted for any loss or damage arising in any way from receipt or use thereof. ******************
_______________________________________________ lilypond-user mailing list lilypond-user@gnu.org http://lists.gnu.org/mailman/listinfo/lilypond-user
