Dear package maintainer(s),
we (LyX developers) are getting repeated reports of LyX's broken handling
of pdf/postscript graphics rendering (LaTeX export works fine).
This is because of debian stringent policy in /etc/ImageMagick-6/policy.xml
disabling ghostscript handling.
This was likely introduced due to ghostcript vulnerabilities couple years
back, which are fixed now, but the fear of new potential vulnerabilities
probably caused the ongoing ban of ghostcript.
While I understand the possible security implications on servers, the current
policy renders LyX unusable for anyone on desktop, who wishes to use eps/pdf
vector graphics, which is typical graphics input format in LaTeX world.
On top of this, if user is not root as well, he can't even override these policies.
This puts us in a weird position, that we can't help some users even when
we detect why their documents do not compile anymore.
Would you be willing to make some compromise on systems where users install LyX?
I can imagine different ways, e.g.:
- allow eps/pdf coders when LyX is installed
- ask user when installing LyX whether he wants to to allow such coders
- or at least issue warning that unless admin tweaks policy.xml
LyX won't function properly.
Or any other approach which would help to solve this issue.
I see that the imagemagick policy patch in question is in buster but not in
bullseye. Not sure whether it means debian wants to keep future imagemagick
policies in their vanilla form or it was moved to debconf. In any case I would
like raise our voice about this problem explicitely.
While this bug is sort of generalized version of #971630 (we also want eps
format to work) and might not be high priority from imagemagick POV (could
be considered a corner case), I file this under LyX as the consequences
are way more serious for its functionality.
Thanks,
Pavel