[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used f
|
From: |
Daniel Mendler |
|
Subject: |
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers |
|
Date: |
Sun, 15 Dec 2024 11:16:17 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Daniel Mendler <mail@daniel-mendler.de> writes:
> Thank you for the recent addition of `trusted-content-p'. Is there a
> possibility to use `trusted-content-p' in buffers which are not backed
> by a file? I use Flymake in *scratch* or similar buffers and it seems
> that this won't continue to work given that `trusted-content-p' needs a
> `buffer-file-truename'.
>
> My suggestion would be to replace `trusted-files' by a
> `trusted-buffer-function' which is a predicate function or a list of
> functions. The functions could then check a custom list of trusted files
> or a custom list of trusted buffers.
>
> Alternatively offer `trusted-files', `trusted-buffers' and
> `trusted-buffer-function`? `trusted-buffers' could for example rely on
> `buffer-match-p`.
I have also ported back `trusted-content-p' via Compat. I had the plan
to use `trusted-content-p' in external packages which could potentially
perform dangerous operations. This way the new feature can be used to
retroactively improve the safety even of older Emacs installations.
For example in my GNU ELPA Corfu package the plan was to check
`(trusted-content-p)' when starting auto completion. To be clear - Corfu
is safe by default, since auto completion is disabled by default.
However many people enable auto completion unconditionally in all
buffers.
Now with the limitation of `trusted-content-p' to file-backed buffers, I
cannot do this, since otherwise auto completion would be lost for
example in *scratch* buffers. Each package could invent its own trust
mechanism or alternatively one could limit the `trusted-content-p' check
to only file-backed buffers. Both alternatives would be worse than going
through the `trusted-content-p' standard mechanism.
Therefore by making the `trusted-content-p' mechanism too limited, we
get less safety than with a more flexible mechanism. Nevertheless I
would avoid creating a complex mechanism given that the mechanism is
supposed to be part of Emacs 30. The simplest approach I can think of
this this `trusted-buffer-function', a hook called by
`run-hook-with-args-until-success'. Later on trust functions can be
provided and added to the hook list. The trust functions could check
file lists, buffer lists, regexps etc. Users can also write their own
predicate functions.
In any case, I am happy to help providing patches.
Daniel
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/14
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers,
Daniel Mendler <=
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Ihor Radchenko, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Ihor Radchenko, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Kangas, 2024/12/15
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Dmitry Gutov, 2024/12/16