On Fri, Nov 2, 2018 at 1:05 PM Ulrike Fischer <news3@nililand.de> wrote:
On Fri, 2 Nov 2018 12:53:02 +0100 luigi scarso wrote:


>> You could try https://github.com/khaledhosny/luahbtex. Khaled is
>> trying to marry luatex + harfbuzz there

> sure, it's hardcoded, the final binary is quite heavy ...
> Anyway, I am talking of dll/so plugin and tool,
> it's more on the track of
> https://www.guitex.org/home/images/ArsTeXnica/AT023/luaffi-article.pdf

Well we (some of the latex team) tried to test this as we have quite
an interest to have an option to use harfbuzz for some fonts but not
every code needed seems to be available publicly.

it's a complex thing... a binding depends on the lua API and
the target lib API. At that time the lua API was still in flux
(so a swiglib binding is not so useful) and the luaffi interface
not tested (just see the part on the FFT).
A (stable) luaffi could resolve the luatex side of the binding
and, being lua code, is easier to adapt if the target API changes.

Also if I remember correctly this requires --shell-escape and this
is not really sensible for a user interface.

it's the context ml, enabling system commands is the default (and we are still here :-). Anyway ConTeXt has a sandbox too.)

But yes, the
   --safer                       disable easily exploitable lua commands
   --[no-]shell-escape           disable/enable system commands
   --shell-restricted            restrict system commands to a list of commands given in texmf.cnf
are part of the picture. Hans and I have to discuss this point.

Just to say: on my linux box, xetex from the official deb package does not have hb hardcoded:
# ldd `which  xetex `
linux-vdso.so.1 (0x00007ffcb26d2000)
libharfbuzz-icu.so.0 => /usr/lib/x86_64-linux-gnu/libharfbuzz-icu.so.0 (0x00007f5fe89c5000)
libharfbuzz.so.0 => /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0 (0x00007f5fe8727000)
Even if I set all the paranoia flags, xetex will load these shared objects.
With a luaffi things don't change, the point is that luatex will load the libs only when/if the user (script) wants to.
Of course, the xetex from texlive is statically compiled ... well almost. I still see freetype as a shared object.
Anyway, as I have said, I am focused on this issue now because I would like to complete/fix it for the next texlive.

(to be honest: I think that all these safer shell-* switches are a bit outdated nowadays, but they are there and I don't think they will disappear.)


--
luigi
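
An added example, not part of the message above: a small shell filter for auditing which shared objects the dynamic loader maps for an engine binary, independent of any --safer or shell-escape setting. The function names and the trusted-directory list are hypothetical; the sample input is constructed from the three ldd lines quoted in the message.

```shell
#!/bin/sh
# Added example: audit `ldd` output for a TeX engine binary.
# Real use (assumes the binary is on PATH):
#   ldd "$(which xetex)" | outside_trusted /usr/lib /lib

# Constructed sample: the ldd lines quoted in the message above.
sample_ldd() {
cat <<'EOF'
linux-vdso.so.1 (0x00007ffcb26d2000)
libharfbuzz-icu.so.0 => /usr/lib/x86_64-linux-gnu/libharfbuzz-icu.so.0 (0x00007f5fe89c5000)
libharfbuzz.so.0 => /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0 (0x00007f5fe8727000)
EOF
}

# Print "soname<TAB>path" for each library the loader resolves to a file.
# Entries without "=>" (the kernel vdso, the loader itself) are skipped;
# unresolved libraries are reported with the path MISSING.
resolved_libs() {
    awk '
        $2 == "=>" && $3 == "not" { printf "%s\tMISSING\n", $1; next }
        $2 == "=>" && $3 ~ /^\//  { printf "%s\t%s\n", $1, $3 }
    '
}

# Print the resolved libraries whose path is not under one of the directory
# prefixes given as arguments (hypothetical policy: system library dirs only).
outside_trusted() {
    trusted="$*"
    resolved_libs | awk -F '\t' -v trusted="$trusted" '
        BEGIN { n = split(trusted, dirs, " ") }
        {
            ok = 0
            for (i = 1; i <= n; i++)
                if (index($2, dirs[i] "/") == 1) ok = 1
            if (!ok) print
        }
    '
}

# Stand-alone run: show what the sample binary pulls in at load time.
sample_ldd | resolved_libs
```

An empty result from `outside_trusted` means every load-time dependency resolved inside the listed directories; anything printed is a library path worth checking before relying on the engine's own restriction flags.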