bug-gnu-emacs


bug#75017: 31.0.50; Untrusted user lisp files


From: Stefan Kangas
Subject: bug#75017: 31.0.50; Untrusted user lisp files
Date: Sun, 22 Dec 2024 02:47:45 +0000

john muhl <jm@pub.pink> writes:

> user-init-file is trusted by default but not other user files.
>
>   C-xf ~/.emacs.d/early-init.el
>   M-x flymake-mode
>
> Produces a warning:
>
>   Disabling elisp-flymake-byte-compile in early-init.el (untrusted content)
>
> custom-file (when not the same as user-init-file) also causes a
> warning. Should these also be trusted by default?
>
> What about files put in place by a system admin or your distro’s
> Emacs package (e.g. site-run-file, default.el)? They generally
> require root privileges to install so if they can’t be trusted
> you’re already in trouble.

Makes sense to me.

Maybe we should install something like the below?

diff --git a/lisp/files.el b/lisp/files.el
index c92fc0608dd..293f3c59c0d 100644
--- a/lisp/files.el
+++ b/lisp/files.el
@@ -748,10 +748,16 @@ trusted-content-p
          (with-demoted-errors "trusted-content-p: %S"
            (let ((exists (file-exists-p buffer-file-truename)))
              (or
-              ;; We can't avoid trusting the user's init file.
-              (if (and exists user-init-file)
-                  (file-equal-p buffer-file-truename user-init-file)
-                (equal buffer-file-truename user-init-file))
+              ;; We can't avoid trusting the user's init file, etc.
+              (memq t
+                    (mapcar
+                     (lambda (file)
+                       (if (and exists file)
+                           (file-equal-p buffer-file-truename file)
+                         (equal buffer-file-truename file)))
+                     (list user-init-file
+                           early-init-file
+                           site-run-file)))
               (let ((file (abbreviate-file-name buffer-file-truename))
                     (trusted nil))
                 (dolist (tf trusted-content)
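
Review bot: The list passed to mapcar in the added lines holds user-init-file, early-init-file and site-run-file, but not custom-file, which the report above names as also triggering the warning; either add it or extend the comment to say why it is left out. In the same form, (memq t (mapcar ...)) runs every comparison and only counts a result that is exactly t, so a short-circuiting test that accepts any non-nil value would be more robust. Since this widens what is trusted, it is also worth confirming that each listed variable holds a file name that can meaningfully be compared with buffer-file-truename when trusted-content-p runs.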




