# Re: Bug#311997: ITP: gaim-latex -- gaim plugin wich translate LaTeX code into image in conversation

Le mardi 07 juin 2005 à 05:10 +0200, Nicolas Schoonbroodt a écrit :

MMmmm these are good news :-),
> If you can tell me where you find the tex2im depandancy (README,
> INSTALL, ...) It can help me for remove it in the next version.
Well, I've just looked into your files.
I can now said that I've made a mistake. You're plugin seems to doesn't
use tex2im now.
But I know what makes me missunderstand :
"README:This is a plugin for Gaim [1] that allows you to display LaTeX
[2] output into your IMs. This plugin needs the tex2im tool [3]."

>
> Now, about the security problem...
(...)
> I have blacklisted the same command than kopetetex, that is :
> > #define NB_BLACKLIST (42)
>
Great :-)
Why not define a WHITELIST instead of a BLACKLIST ? isn't it more
secured ?
> So (in normal case) all of this command will not be "authorised"
> (in fact, if you send a message like :
> normal text \input in normal text $$equation$$ normal text $$equation$$
> (or with the blacklisted command in the $$equation part$$) the message
> _will not_ be transform using latex compiler. (with the is_blacklisted
> function)
Ok thanks
>
> If some other command have to be blacklisted, I hear you.

Well, I don't know LaTeX enough to gives you more commands (if there's
any)
>
> If you have any suggestion with security problem (for example error in
> my code, or latex hack to "eviter" (french word, don't know in English)
avoid no ? ;-) but I'm french too so it's not a problem for me to
understand
> this security), you can continue the discussion here, I will read it.
>
> Also other bug can be posted on sourceforge, for example.
Ok, I think we can know close my bug report on sourceforge no ?

>
> Nicolas Schoonbroodt
Thank you very much for your help,
I hope I will be able to package it in Debian

--
Martin Braure de Calignon
(error3)