Reconsider default use of --shell-escape #195
Comments
Assuming this is not a hypothetical, please email me directly on gummi@{the domain in my github profile}
@alexandervdm
So, what was the outcome? Is there a vulnerability?
The phrasing of this comment could be interpreted by a reader to mean that I missed/ignored an earlier email, but just so there's no confusion I want to make it clear that our email exchange happened right after I responded here on the Github issue on Sept 19.
The issue pointed out by @William957-web refers to the fact that Gummi by default enables the "--shell-escape" flag on the LaTeX compiler command used for its live preview. This could be abused if you were to open a document from a bad actor that includes destructive or otherwise malicious commands. This flag, however, is a necessity when using popular packages that run external commands like TikZ, gnuplot and many others. Like most security related design decisions, this strikes at the tension between absolute security and optimal user experience. I'm weighing some options but have not made a decision about implementing any of them and also see no need for immediate action at this time.
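One of the options the comment above leaves open is making shell escape opt-in per document rather than the default. The following scanner is an added example, not Gummi's own code: it flags the constructs that actually need shell escape so an editor can fall back to --no-shell-escape unless the user has approved that document; the pattern list and the package set are assumptions of the example, not an exhaustive list.

```python
import re

# Constructs that make pdfTeX/LuaTeX spawn a subprocess when shell escape is on.
# Pattern set is an assumption of this example, not Gummi's own logic.
SHELL_PATTERNS = {
    "write18": re.compile(r"\\(?:immediate\s*\\)?write\s*18\b"),
    "piped-input": re.compile(r"\\(?:input|openin)\s*\|"),  # \input|"cmd"
    "ShellEscape": re.compile(r"\\ShellEscape\b"),          # shellesc package
}
# Packages that normally require shell escape (constructed, non-exhaustive).
SHELL_PACKAGES = {"minted", "gnuplottex", "svg", "epstopdf"}
USEPACKAGE = re.compile(r"\\usepackage(?:\[[^\]]*\])?\{([^}]*)\}")

def strip_comment(line):
    """Drop text after an unescaped % so commented-out code is not flagged."""
    return re.split(r"(?<!\\)%", line, maxsplit=1)[0]

def scan_tex(source):
    """Return (line_number, reason) for every shell-escape dependency found."""
    findings = []
    for lineno, raw in enumerate(source.splitlines(), start=1):
        line = strip_comment(raw)
        for reason, pattern in SHELL_PATTERNS.items():
            if pattern.search(line):
                findings.append((lineno, reason))
        for match in USEPACKAGE.finditer(line):
            for pkg in match.group(1).split(","):
                if pkg.strip() in SHELL_PACKAGES:
                    findings.append((lineno, "package:" + pkg.strip()))
    return findings

def choose_shell_flag(source, user_approved=False):
    """Enable shell escape only when the document needs it AND the user has
    approved this document; otherwise compile with the sandboxed default."""
    findings = scan_tex(source)
    if findings and user_approved:
        return "--shell-escape", findings
    return "--no-shell-escape", findings

# Constructed sample document (not from a real report).
SAMPLE = r"""\documentclass{article}
\usepackage[section]{minted}
% \immediate\write18{echo commented-out}
\begin{document}
\immediate\write18{echo build-step}
\end{document}
"""
```

The findings list is what an editor would show the user before enabling the flag; a document that triggers nothing compiles without shell escape and loses no functionality.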
@alexandervdm
That's quite alright, I just wanted to clarify the timeline. I don't know the qualifications for a CVE so this is speculation, but I'd lean towards no. After all, is for example the Python interpreter vulnerable because you can open a .py file that includes a line such as With regards to the issue you reported, I admit the current approach is not ideal so I'm keeping this topic open for future reference and discussion.
This might be a good reason to shift to flatpak/snap distribution (only)
How can I report it if I found a vulnerability in this application?