ImageMagick security settings in openSUSE

Pavel Sanda sanda at lyx.org
Sat Oct 31 10:26:21 UTC 2020


On Sat, Oct 31, 2020 at 12:11:58AM +0100, Tommaso Cucinotta wrote:
> Now, the question I wanted to ask is: when reconfiguring LyX looking for
> existence of the various converters, would it make sense for LyX to have a
> means to try the converters one by one (at least a known subset of them), to
> be sure they work and they've not been forbidden, so to exclude those ones
> that don't actually work ?
> Or, is there some other way to handle the problem in a user-friendly way ?

The security bugs which led to the conversion ban are fixed for a long time.
So it would make sense to file a bug in ubuntu that the permanent ban makes
lyx unusable for standard vector graphics formats. Moreover since /etc is writeable
only for root, normal users has no chance to override this restriction with their
own policy files.
They might listen to us or not, but it's IMHO worth of trying.


>From our part the most user informative way would be to check the policy via
"convert -list policy" and if not trigger message that those conversions were
banned. The combative part in me would even add note which would suggest users
to file bug to their distro maintainers so they get some additional feedback.
Maybe if they close the same bug 100x times they try to do something about it ;)

Pavel


More information about the lyx-devel mailing list