Menu
▾
▴
Re: [Maxima-discuss] Yamwi (was: Construct sequence of identifiers)
|
From: Stavros M. <mac...@gm...> - 2023-07-21 21:11:10
|
Yamwi tries to prevent the user from accessing "dangerous" or "system"
functions. It does a pretty good job, but it's not perfect.
In particular, I was able to run *bug_report()*, although that's normally
blocked, showing that the Maxima version is > 10 years old:
-------------------------------------------------------------
Maxima version: "5.28.0"
Maxima build date: "2012-10-31 16:49:34"
Host type: "i686-pc-linux-gnu"
Lisp implementation type: "GNU Common Lisp (GCL)"
Lisp implementation version: "GCL 2.6.7"
-------------------------------------------------------------
I'll be happy to share the security hole with the implementer of Yamwi if
they're interested.
-s
On Fri, Jul 21, 2023 at 4:57 PM Robert Dodier <rob...@gm...>
wrote:
> On Fri, Jul 21, 2023 at 12:42 AM Wolfgang Hugemann <Au...@hu...>
> wrote:
>
> > The Website is obviously based on Yamwi (https://yamwi.sourceforge.net)
> > and shows some behaviour that deviates from wxMaxima. For example, 'v_1'
> > does not result in an indexed quantity but is interpreted literally. In
> > order to keep the option of using Yamwi, I would have to re-code most of
> > my examples :-(.
>
> Well, for the record, Yamwi displays subscripts correctly ... I
> recommend subscripts foo[n] instead of foo_n for wxMaxima also.
>
> > Although 'Yamwi' is meant to translate to 'Yet another Maxima web
> > interface', I could not find any other functioning web interface on
> > https://maxima.sourceforge.io/relatedprojects.html -- or is there any?
>
> I think there have been other attempts but maybe the websites have
> gone missing. At present http://maxima.cesga.es is the only one that I
> know about, but there may well be others.
>
> As I think has been said already, it looks like the version of Maxima
> behind http://maxima.cesga.es is perhaps several years out of date.
> That might make it problematic. Hundreds of bugs have been fixed in
> Maxima, some significant, some less so, but in any case I would want
> to steer others away from old versions of Maxima ... I don't know what
> is the possibility of getting http://maxima.cesga.es updated. The
> developer of Yamwi (Mario Rodriguez) has also worked on Maxima, maybe
> all that's needed is to send him an email.
>
> best,
>
> Robert
>
>
> _______________________________________________
> Maxima-discuss mailing list
> Max...@li...
> https://lists.sourceforge.net/lists/listinfo/maxima-discuss
>
|
