Bo, thanks for your responses.
> > - was there some conclusion about filename extension? if there are going > > to be > > any tricks with copying or moving .lyx file itself i smell thousand and > > one > > problems of rewrites, bad deletions on user side etc. i think that some > > .lyz > > would be much more appropriate here. > > I am not quite sure about what you are talking here. In my approach, a > file will be given a random name and copied to lyx temp directory. > This temp name will be used just for this file and be saved in .lyx > file. The embedded files are sorted before written to .lyx file so > there will be no massive content change after simple editions. nono, i mean the extension of the resulting embeded (or bundled) file. currently the name will filename.lyx (right?) which i'm opposed and will later flame on, no matter which proposal is going to be used :) once all these these copying/moving files magic is possible with lyx files i want to know it from the first sight on the file, its dangerous job to open it, ie to have some name like fileneme.lyz. > I certainly disagree, but Richard and JMarc said yes. They were > talking about not allowing any out of tree file. I strongly object any > unnecessary restriction on how users use external files. i'm sorry, but i see these restrictions neccessary if you intend to extract the files back to filesystem. > I hope that you feel comfortable with my pack/unpack solution. no i don't feel comfortable with either of these :D what i most of all dislike is that lyx could ever write-touch to some external paths ever. besides the normal chaos which can be caused by this, i feel security hole here. i was trying to retrieve your solution by adding the constraint of only the current dir+subdirs write acces or something in this way, but you seem do not like it too. Richard's solution is safe in this regard, but the work is finally put on the shoulders of the user, so at the end its easier to just manage the whole thing by myself as described by the workflow i described lately. so i just tried to save the workflow i depicted (and which seems you use too) while avoiding the 'free write back to tree' regime. if both of these is not doable, then the whole bundling bussiness is not usable for me and a will just comment on the security concerns in next debates. pavel
