I learned \write18 from a quick search: http://stackoverflow.com/questions/3252957/how-to-execute-shell-script-from-latex
Security problems exist in most software packages. In this case (knitr/Sweave), a pure technical solution does not seem to be possible... Sometimes I do want to execute system() commands. Regards, Yihui -- Yihui Xie <xieyi...@gmail.com> Phone: 515-294-2465 Web: http://yihui.name Department of Statistics, Iowa State University 2215 Snedecor Hall, Ames, IA On Sun, Oct 21, 2012 at 1:54 AM, Liviu Andronic <landronim...@gmail.com> wrote: > On Sun, Oct 21, 2012 at 6:55 AM, Yihui Xie <x...@yihui.name> wrote: >> The blacklist-based solution can stop nothing as you showed, so I >> think we cannot do much except writing it in the documentation. >> > What about an MS Excel style 'Do not execute scripts' option or > dialogue? Basically we could introduce two modes when Sweave/knitr > module is loaded: > - Run scripts, all works as it does now. > - Do not run scripts, where the scripty modules are being disabled (or > similar) and some flag is being displayed somewhere, perhaps in the > status bar (or the WM title bar). > > If scripts are detected then a dialogue pops up with a warning and > asks the user how to proceed. This should provide a minimum of > security. > > What do you think of this? Regards > Liviu > > PS While we're on the subject of security, is it not possible to > simply use LaTeX to write malicious code?
