diff options
author | Josh Triplett <josh@joshtriplett.org> | 2009-08-28 23:07:27 -0700 |
---|---|---|
committer | Josh Triplett <josh@joshtriplett.org> | 2009-08-28 23:18:07 -0700 |
commit | 9f75d3b1f3c43820cff9ce554601f64c60d72b14 (patch) | |
tree | 0b8907816f99d63ac9579c9a56ad05bd1beb1abc /doc/plugins/postsparkline.mdwn | |
parent | 03449610d6c666ba24bea68f01d896613e522278 (diff) |
teximg: Make TeX handle preventing unsafe things; remove insufficient blacklist
TeX has configuration options that prevent unsafe things like shell
escapes and insecure file reads/writes. Turn all of them on.
teximg's regex-based blacklist does not suffice. For instance:
[[!teximg code="""
\catcode`\%=0
%input{/etc/passwd}
"""]]
Remove the blacklist, since the TeX configuration options seal off the
underlying mechanisms more safely, and the blacklist blocks other TeX
commands that can prove useful.
Diffstat (limited to 'doc/plugins/postsparkline.mdwn')
0 files changed, 0 insertions, 0 deletions