[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used f
From: |
Daniel Mendler |
Subject: |
bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers |
Date: |
Mon, 16 Dec 2024 19:48:44 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Stefan Monnier <monnier@iro.umontreal.ca> writes:
>> The thought was rather that auto completion may be dangerous in general
>
> Maybe I have too narrow a view of completion, but my impression is that
> completion is usually safe. The situation in ELisp where we perform
> macro expansion to try and get the set of local variables in scope and
> where that macro expansion can end up running local code is rather
> unusual, AFAIK.
Agree.
> What kind of situation are you thinking of where completion is unsafe?
Elisp completion on Emacs 29 and older for example ;)
>> I just took another look at the `trusted-content-p' function on the
>> emacs-30 branch:
>>
>> (defun trusted-content-p ()
>> (and (not untrusted-content)
>> buffer-file-truename
>> ...))
>>
>> There is a check for `buffer-file-truename' which means that the issue
>> with non-file-backed buffers remains (Ielm or scratch). Probably (eq
>> trusted-content :all) should be checked first?
>
> Duh! I forgot that the same change toned down the warnings, so I
> didn't look at the right place when "testing". Thanks for the heads up,
> I just fixed it in `emacs-30`.
Thanks for pushing the fix.
>> At the same time one could consolidate the untrusted-content and
>> trusted-content variables as Eshel suggested?
>>
>> (defun trusted-content-p ()
>> (and (not untrusted-content) ;; only for backward compat (deprecated)
>> (not (eq trusted-content :untrusted)) ;; replaces untrusted-content
>> (or (eq trusted-content :all)
>> (and buffer-file-name
>> ...))))
>
> I could go along with that (not for `emacs-30`, tho).
> I'd prefer to get a bit more experience before deciding to do that, tho.
Okay, sure. No urgency about that one.
Just to give some examples where the new trust function could be useful,
assuming that the user really trusts their trusted files:
(setq org-confirm-babel-evaluate (lambda (&rest _)
(not (trusted-content-p)))
org-link-elisp-confirm-function (lambda (prompt)
(or (trusted-content-p)
(y-or-n-p prompt)))
org-link-shell-confirm-function org-link-elisp-confirm-function)
Maybe it is possible to configure `enable-local-variables' similarly.
Daniel
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, (continued)
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Monnier, 2024/12/15
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eshel Yaron, 2024/12/16
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Eshel Yaron, 2024/12/16
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Monnier, 2024/12/16
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Kangas, 2024/12/16
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Ihor Radchenko, 2024/12/17
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Kangas, 2024/12/17
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/16
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Stefan Monnier, 2024/12/16
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers,
Daniel Mendler <=
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Daniel Mendler, 2024/12/16
- bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers, Dmitry Gutov, 2024/12/18