Re: ELPA security

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ELPA security

From:	Stefan Monnier
Subject:	Re: ELPA security
Date:	Sat, 22 Dec 2012 11:20:56 -0500
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)

> I also think `M-x list-packages' should define a `v' shortcut to file-find
> the .el file or tarball that constitutes the package without installing
> it.  That will contribute to security and it's really convenient, too.

Actually, "installation" has several steps:
- download.
- install per se (i.e. copies the files at an appropriate place).
- compile.
- setup (i.e. arrange things such that the package is in the load-path
  and its autoloads are active next time to start Emacs).

The first two steps can be made to be safe.


        Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

Re: package.el + DVCS for security and convenience, (continued)

Prev by Date: Re: set-file-extended-attributes and backups
Next by Date: Re: set-file-extended-attributes and backups
Previous by thread: Re: package.el + DVCS for security and convenience
Next by thread: Re: ELPA security
Index(es):
- Date
- Thread