On 29. mai 2010 01:56, Pavel Sanda wrote:
Liviu Andronic wrote:
On Fri, May 28, 2010 at 8:23 PM, Guenter Milde<mi...@users.berlios.de> wrote:
However, the Gnumeric spreadsheet has a LaTeX export feature, so one
could possibly write an "external inset" wrapper for it.
Apparently there is a patch [1] by Helge Hafting. More info on the
subject in this thread [2] and on the wiki [3].
Liviu
PS Would the devels consider including the patch in LyX 2.0?
please do you have any idea whether is safe to use blindly ssconvert or gnumeric
in the sense that attacker can't write eg some excel macro-virus which would
get executed via ssconvert or gnumeric?
I don't know if ssconvert supports excel macros well enough to run a
virus. I though macro viruses generally abused a visual basic interface
that doesn't even exist on linux.
But there is a very simple solution, if safety is the reason to not
include my patch:
I can change it so it only support gnumeric files, not excel files.
ssconvert can convert oocalc, excel and gnumeric. But LyX can stick with
the .gnumeric extension in order to be safe. I don't think gnumeric has
such vulnerabilities designed into it.
Would that be interesting?
we have already rejected gnuplot support because of the fact that somebody
could embed script like "! rm -rf /" into .lyx file...
