[texworks] Script: Questions about the API

T T t34www at googlemail.com
Tue Apr 13 15:49:09 CEST 2010

On 13 April 2010 07:06, Stefan Löffler <st.loeffler at gmail.com> wrote:
> If you can write arbitrary data to arbitrary positions on the
> disk, this can be pretty serious security vulnerability.

Why?  The extension script will not get more permissions than the
program (process) in which it runs and I see no reason why it should
have less permissions.  After all, extension scripts are logically a
part of an application and not a part of a document as in case of,
say, html and browsers.



More information about the texworks mailing list