
options - Unexpected design of protection against dynamic content


Introduction/summary


I was surprised by the (from my point of view limited) extent to which the user is defended against "potentially unsafe dynamic content" by default. Two things were unexpected to me: 1) a warning is not always triggered if dynamic content is present, and 2) all dynamic content in a notebook will be evaluated when evaluating any cell in that notebook.


The tests I did are first listed below. The question is how we can modify options to let the behaviour correspond to my expectations. Along the way I found an option ("TrustByDefault") that can deal with one of the concerns, so I have provided an answer to my own question.


This option was not exactly hidden, as it was mentioned in the docs under tutorial/NotebookSecurity, which is excellent. The main value I see in posting this now is to warn users like me who like to skim pages like tutorial/NotebookSecurity and later draw their own conclusions about options like "Dynamic Updating Enabled". Further, I provide some code which may help with "seeing things for yourself". Lastly, I feel a warning about the Cell/Notebook option CellEvaluationFunction was overdue.


Paraphrasing of relevant parts of /tutorial/NotebookSecurity



Mathematica can warn you about dynamic content, but it does not always do so. If the warning is displayed, dynamic content also does not get evaluated (evaluation can be triggered in an unexpected way though! Details further below). The warning looks like this.


[Image of the warning; not reproduced here]


Notebooks on a "TrustedPath" will never trigger the warning. Notebooks on an "UntrustedPath" will always trigger the warning. For notebooks on paths that are neither safe nor unsafe in this sense, whether or not the warning appears depends on what functions/symbols appear in the Dynamic content.


The paths that are not trusted on your system can be found by executing this code


Column[ToFileName /@ 
CurrentValue[$FrontEnd, {"NotebookSecurityOptions",
"UntrustedPath"}]]

Replace "UntrustedPath" by "TrustedPath" in the above to see which directories are trusted.


Testing



A little way below is a procedure to generate notebooks with dynamic content and then open them. It requires you to input a path (name of a directory). The result will depend on what path you specify and on the notebook you choose (with or without potentially dangerous functions).


As mentioned, for some notebooks/paths the dynamic content will be evaluated right away. I think this does not depend on whether you generated the file yourself or whether it was sent to you. No mention of such a distinction is made in tutorial/NotebookSecurity.


For me, if I put a notebook with dynamic content without dangerous functions in my user directory, dynamic content gets evaluated right away. This was unexpected to me, especially because I did not realise that immediate evaluation of dynamic content depended on the functions that appear in it. I now find the design intuitive in a way, but I think there is a serious design flaw here. So much so that I think talking about it here further may do more harm than good.


Code to see how the warning works


As promised, here is the code to generate and open notebooks.


Warning: I will not tell you not to trust me, but code containing functions that I use below could be very dangerous. In general I would advise you not to evaluate such code, unless you understand or trust it.


path = (*enter the path where you want to store the notebook here*);
fileName = (*enter example: file.nb*);

Block[{fullFileName = FileNameJoin[{path, fileName}]},
  If[! FileExistsQ[fullFileName],
    Put[
      Notebook[
        {
          Cell[
            BoxData@MakeBoxes@
              Dynamic[If[! NumberQ[x], x = 0];
                StringForm["x is now ``", x++]], "Output"],
          Cell[BoxData@MakeBoxes["evaluate this";], "Input",
            CellTags -> "eval"]
        },
        DynamicUpdating -> True
      ],
      fullFileName
    ];
    NotebookOpen@fullFileName;
    NotebookLocate["eval"],
    Print["file already exists!"]
  ]
]

Even if you put the file on an "UntrustedPath", you still have to be very careful. The unexpected thing to me here is that if you evaluate any regular Cell in the notebook, even one that you made yourself, the dynamic content gets evaluated, even though you did not press the button "Enable Dynamics". You can test this out by simply evaluating the Cell saying "evaluate this" that I have included.


CellEvaluationFunction


Now, it is a very bad idea anyway to evaluate a cell in a notebook you do not trust, especially because of the option CellEvaluationFunction. CellEvaluationFunction is an option for both Cell and Notebook and can make cells evaluate in ways you do not expect. The code may not be visible, and basically any code can be evaluated against your will this way, provided you evaluate a Cell in this notebook.



But still the behaviour that evaluating any cell also causes the dynamic content to be evaluated is unexpected to me and therefore I would (have) like(d) to have some protection against it.


Options for additional protection


Options that do not work


I was looking to see if you could make some additional protection against this unwanted evaluation. In particular the option from the evaluation menu "Dynamic Content Enabled", as well as the front end option DynamicUpdating, which is the same as the option DynamicUpdating in the option inspector under Cell Options > Evaluation Options, seem to have no effect. The Notebook option DynamicUpdating only seems to apply to a particular Notebook, so that does not help either.


I think all the front end option DynamicUpdating is, is the default value of the Notebook option DynamicUpdating for newly created notebooks. This does not include notebooks that already existed and were simply opened. The menu option "Dynamic Content Enabled" from the evaluation menu is not a global setting. It can be different for different notebooks. In particular, when I open the .nb file from an "UntrustedPath", there is a check in front of "Dynamic Updating Enabled", even when there was not one before.


Questions


The question here is: Are there any additional means to protect ourselves against dynamic evaluation?
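A complementary check that does not rely on the front end at all, given here as an added example and not part of the original post: since a .nb file is a plain-text expression, it can be inspected before it is opened. The Python sketch below strips string literals and comments (so text that merely mentions a symbol is ignored) and counts live uses of constructs that can carry code. The `RISKY` list is a selection made for this example, not an exhaustive one, and `SAMPLE` is a constructed notebook modelled on the test notebook above with a hypothetical `hiddenFunction`.

```python
import re

# Heads and options that can carry code (a selection chosen for this example).
RISKY = ("DynamicBox", "DynamicModuleBox", "Dynamic", "CellEvaluationFunction",
         "CellProlog", "CellEpilog", "Initialization")

def strip_literals(text):
    """Drop "..." strings and (nested) (* ... *) comments from notebook source."""
    out, i, n, depth = [], 0, len(text), 0
    while i < n:
        two = text[i:i + 2]
        if two == "(*":                      # comment opens (may nest)
            depth, i = depth + 1, i + 2
        elif depth and two == "*)":          # comment closes
            depth, i = depth - 1, i + 2
        elif depth:                          # inside a comment: skip
            i += 1
        elif text[i] == '"':                 # string literal: skip to closing quote
            i += 1
            while i < n and text[i] != '"':
                i += 2 if text[i] == "\\" else 1
            i += 1
            out.append(" ")
        else:
            out.append(text[i])
            i += 1
    return "".join(out)

def scan_notebook(text):
    """Return {symbol: count} for risky symbols that appear as live expressions."""
    code = strip_literals(text)
    hits = {}
    for name in RISKY:
        # Whole-symbol match, so Dynamic does not match DynamicUpdating.
        count = len(re.findall(r"(?<![\w$])" + name + r"(?![\w$])", code))
        if count:
            hits[name] = count
    return hits

# Constructed sample: live dynamic output, a text cell that only mentions the
# symbols, and an input cell with a hidden evaluation function.
SAMPLE = r'''(* Content-type: application/vnd.wolfram.mathematica *)
Notebook[{
Cell[BoxData[DynamicBox[ToBoxes[If[!NumberQ[x], x = 0]; x++, StandardForm]]], "Output"],
Cell[BoxData[RowBox[{"\"evaluate this\"", ";"}]], "Input", CellTags->"eval"],
Cell["Text that merely mentions CellEvaluationFunction and Dynamic[x]", "Text"],
Cell[BoxData["1"], "Input", CellEvaluationFunction->(hiddenFunction[#]&)]
}, DynamicUpdating->True]'''

if __name__ == "__main__":
    print(scan_notebook(SAMPLE))
```

A non-empty result only says the file deserves a closer look in a text editor before it is opened; an empty result is not proof that the notebook is safe to evaluate.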



