On 07/19/2017 01:48 AM, Christian Ridderström wrote: > > On 18 July 2017 at 23:49, Jean-Marc Lasgouttes <lasgout...@lyx.org > <mailto:lasgout...@lyx.org>> wrote: > > Le 18/07/2017 à 23:42, Christian Ridderström a écrit : > > I think the default should be secure, and that the user should > have to do something actively to go into a dangerous mode. > > > Well, since you consider that turning off two options is not > active enough, I am not sure what to propose :) > > > The problem I see with only unchecking two check boxes are e.g.: > - Users uncheck settings all the time, it doesn't seem very "scary" > - In the settings dialog, the real implications of unchecking these > options > did not seem sufficiently clear to me. > So calling it "Allow yourself to be shot in the foot by converters" > would help;-) > - The setting is persistent, and easily forgotten
This, I believe, was part of what was addressed by Enrico's patch. Or the idea behind it. It would at least be possible to have a 'hidden' setting here: One you could activate only by editing the preferences file. That doesn't seem unreasonable to me. This is definitely a feature for power users. Of course, that would make it even more difficult to undo. > If it has to be done from within LyX, then perhaps do some of the > things below to make being in unsafe mode more difficult to forget: > - When unchecking the boxes, display a dialog informing them that > they're going into dangerous territory. > - Show the warning each time LyX is started, forcing the user to > acknowledge it. > And make it so that user with a single click can reenable needauth. > - Possibly show the dialog each time before building a document One or the other here is enough, I'd think. But this is otherwise similar to a suggestion I made elsewhere. > - Enable a strong/annoying visual indication/reminder that you're > unsafe mode Also part of Enrico's patch idea, I believe. The overall idea behind that patch was to make this setting per-document and easy to change, with a strong visual indication. Making it non-persistent, or at least something you have to acknowledge each session, would add security. Here again, if that seems too annoying, a power-user-only non-gui setting could be considered. Then it's possible for people to sidestep the security, but only by really getting their hands dirty. Richard