[texworks] Lua scripting

Reinhard Kotucha reinhard.kotucha at web.de
Sat Jun 13 22:26:21 CEST 2009

On 11 June 2009 T T wrote:

 > On 11/06/2009, Hans Hagen <pragma at wxs.nl> wrote:
 >> Stefan Löffler wrote:
 >>> Any opinions about this?
 >> you can add an option to the configuration file ("safer=true") or maybe
 >> listen to an environment variable and if not set just permit all functions
 >> if someone wants to abuse texworks to wipe someones disk, first of all
 >> the script has to come from an non tex related place, and users hav eto
 >> install it, and second, the fact that one can run a program
 >> (typesetting) already means that one can add a disk wiper
 > I agree. Let's not go overboard with those security issues. Note that
 > the situation with LuaTeX is somewhat different. You can run it
 > somewhere on a server and typeset whatever comes your way. In that
 > scenario you cannot assume that all documents/scripts are harmless and
 > you need some protection.
 > The situation is different for TW, since it is intended for personal
 > and interactive use, in which case there will be always user
 > supervision of what scripts get installed/executed. I think that this
 > is entirely sufficient and there is no need to disable anything. If
 > someone is stupid enough to run a random piece of code from a random
 > place, I'd say they get what they deserve. You cannot protect against
 > that anyway and introducing draconian security measures can only
 > cripple legitimate usage cases.

Tomek, thank you very much for this mail.  What you say is exactly
what I think.  There should't be any restrictions.


Reinhard Kotucha			              Phone: +49-511-3373112
Marschnerstr. 25
D-30167 Hannover	                      mailto:reinhard.kotucha at web.de
Microsoft isn't the answer. Microsoft is the question, and the answer is NO.

More information about the texworks mailing list