[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used f
|
From: |
Ihor Radchenko |
|
Subject: |
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers |
|
Date: |
Sun, 15 Dec 2024 12:50:41 +0000 |
Eli Zaretskii <eliz@gnu.org> writes:
>> If buffer contents is not coming from a file, it must be generated by
>> some Elisp code. That code may as well set trust status.
>> For example, *scratch* buffer may have its contents (automatically
>> generated) marked as trusted by default.
>>
>> Does it make sense?
>
> Are you in effect saying that every buffer that doesn't visit a file
> should be trusted?
No. The code generating non-file buffers may indicate whether buffer
should be trusted or not.
> ... If that's accepted, it doesn't need any function.
> And can we really trust arbitrary ELisp code that to set trust?
When an arbitrary Elisp code is already running, there is nothing that
can prevent that code from doing anything at all, including, for
example, re-defining `trusted-content-p'. So, discussing whether we can
trust a running Elisp code or not makes no sense in my book. We have to
trust it.
> And what about buffers whose contents came from a network connection?
The code that is putting text received from network connection should be
responsible for marking the buffer appropriately.
> What about buffers whose contents came from inserting some file or
> part thereof, or were generated by processing some file?
Again, the code should be responsible to check things, maybe using some
kind of API function to check whether a given source file should be
trusted or not.
> What about buffers whose contents came from a program Emacs invoked?
Same thing.
I'd say that the codes receiving text contents from network or from a
program should not mark it as trusted.
One alternative might be storing "trust flag" as text property for Emacs
primitives that read file contents, network stream, or program
output. Then, if any part of buffer has "trust flag" set to be not
trusted, the whole buffer should not be considered trusted.
--
Ihor Radchenko // yantar92,
Org mode maintainer,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/14
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Ihor Radchenko, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers,
Ihor Radchenko <=
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eli Zaretskii, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Kangas, 2024/12/15
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Dmitry Gutov, 2024/12/16
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Monnier, 2024/12/15