lilypond-user
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LilyPond in a CMS [was: Re: Defining custom symbols]

From: Robert Hickman
Subject: Re: LilyPond in a CMS [was: Re: Defining custom symbols]
Date: Sun, 15 Apr 2018 12:25:02 +0100

Thanks, -dsafe looks like the simplest to use but 'In addition, safe mode disallows \include' which I need to use the symbol file. Is it sufficient to concatenate the symbol file at the beginning of the user code?



On 15 April 2018 at 11:45, Malte Meyn <address@hidden> wrote:


Am 15.04.2018 um 12:41 schrieb Robert Hickman:
Second thought: (see my previous, sorry about double posting).

What are the risks of integrating lillypond into a CMS from a security perspective, does it allow you to run shell commands for instance? I will not be exposing this publicly, just to the admin interface only I use. I like to know what exploits anything I use could expose howeaver.

Have a look at the options --jail and -dsafe at http://lilypond.org/doc/v2.19/Documentation/usage-big-page.html

_______________________________________________
lilypond-user mailing list
address@hidden
https://lists.gnu.org/mailman/listinfo/lilypond-user

reply via email to
[Prev in Thread] Current Thread [Next in Thread]