xdg-open for 2.4.0?

Scott Kostyshak skostysh at lyx.org
Sat Nov 12 16:19:56 UTC 2022


At some point xdg-open had security concerns. I don't know the details,
but from what I understand those issues are no longer relevant. Perhaps
we are still concerned that 2.4.0 could be compiled on an old system
that still has those security concerns?

Debian/Ubuntu carries a patch that puts in xdg-open to configure.py.
If curious, you can see the patches here (most are just backports of
stuff in master, e.g., regarding Python3 compatibility)
wget "http://archive.ubuntu.com/ubuntu/pool/universe/l/lyx/lyx_2.3.6.1-1.debian.tar.xz"

By the way, we already have "xdg-open" in configure.py for a raster
image viewer.

It seems there are two questions:

(1) Are we still concerned about a security issue?
(2) Regardless of a security issue, is xdg-open what we want?

If the answer to (1) is "no", and there are mixed opinions about (2),
maybe we can at least add "xdg-open" as the *last* option?

Potentially relevant as well:
https://www.lyx.org/trac/ticket/11641

Interesting past discussions on xdg-open below. I didn't go through them
too carefullly.
https://www.mail-archive.com/lyx-devel@lists.lyx.org/msg133878.html
https://www.mail-archive.com/lyx-devel@lists.lyx.org/msg152142.html

Scott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.lyx.org/pipermail/lyx-devel/attachments/20221112/c6539c48/attachment.asc>


More information about the lyx-devel mailing list