On 18/07/2017 at 19:46, Christian Ridderström wrote:
I just did a test with gnuplot. In the LyX settings I had unchecked
'Forbid of use of needauth converters' and unchecked 'Use needauth
option'. Then I opened a LyX doc with a gnuplot script. Result: LyX
tried to run the script due to the preview, without asking or alerting me.
In my opinion this demonstrates a case where the security is _not_ good
enough, as I don't think it'd be very difficult to trick someone into
unchecking these boxes.
You may want to rename one of these options "shoot yourself in the foot".
Seriously, one thing I learned about security is that the size of the
lock you use should be related to the threat you are fearing. Do we
really work on the scenario where someone (CIA? KGB?) will be trying to
trick a LyX user (how many users are a worthy target?) into changing
their own preferences in order to –let's say– steal all the readable files
in the user directory? IMO, if a hacker is ready to do this (including
social engineering), the user will have other problems than the brand
new needauth feature of the obscure editor LyX.
I do not know how many KGB/CIA agents will be willing to attend the 'hack
LyX' classes. How much is it worth on a spy resume?
We should start by understanding what are the reasonable threats we want
to fight against. This discussion is becoming crazy.
JMarc