Scott Kostyshak wrote:
> Any thoughts as far as improving security, warning the user, or documentation?
Up to this moment we were trying not to include anything which could be used in
the exec("rm -rf /") way (this was the only reason why gnuplot is not supported
by lyx for example, there was working patch already). I didn't check your
example but IIRC we used some special parameter for latex which forbids such
security flaws - can you check whether your example really works?
knitr/sweave stuff went in without anyone knowing it... IMHO we should either
disable this by default or ask for the first time.
If we have working mechanism how to notify the user, we can include gnuplot
support as well.
Pavel
