[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lilypond & wikipedia
|
From: |
Jan Nieuwenhuizen |
|
Subject: |
Re: lilypond & wikipedia |
|
Date: |
Wed, 22 Apr 2009 11:32:11 +0200 |
Op maandag 02-02-2009 om 02:21 uur [tijdzone +0100], schreef Johannes
Schindelin:
> > > Tim Starling, one of the main wikipeda software developers, says:
> > >
> > > My understanding is that
> > >
> > > a) safe mode is not secure, being trivially DoS-able by short
> > > infinite loop scripts
> >
> > As it currently stands, yes.
> >
> > > b) safe mode will not work for many of the free scores available on
> > > the web
> I think that was part of the bad research Tim did that really upset me.
Yes. So if we get
> > Assign two Frogs to the task:
> > - one person ensures that lilypond input without **any** scheme
> > will always end in a reasonable amount of time.
> > - one person modifies --safe. I'm sure that we can whitelist a
> > few more commands (IIRC changing the paper size is not "safe").
> > But we'll certainly need to remove much of the more basic stuff.
we should probably mention on the wikipedia page that these concerns
are being worked on. Why doesn't WikiPedia come to us with questions
or bug reports?
Jan.
--
Jan Nieuwenhuizen <address@hidden> | GNU LilyPond - The music typesetter
http://www.xs4all.nl/~jantien | http://www.lilypond.org