I'm working on integrating plotting into my web interface, and have
been looking through plot.lisp a bit. I noticed that plot2d uses
Maxima's "system" function (i.e. $system) to execute shell commands.
However, I explicitly unbind $system in my init file and prevent
execution of Lisp code to prevent users from executing malicious
commands. This subsequently breaks plotting.

So I modified macsys.lisp and renamed $system to safe-system, and
changed all references appropriately. I then wrote a new $system
function, which just passes its arguments to safe-system. That way,
Maxima can internally execute shell commands all it wants, while
adding the ability to block users from doing the same.

Do you think this is a worthy modification? Should it be committed, or
will it break lots of other things?

Thanks,
-matt