bug#75017: 31.0.50; Untrusted user lisp files

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#75017: 31.0.50; Untrusted user lisp files

From:	john muhl
Subject:	bug#75017: 31.0.50; Untrusted user lisp files
Date:	Mon, 23 Dec 2024 11:53:38 -0600
User-agent:	mu4e 1.12.1; emacs 31.0.50

Eli Zaretskii <eliz@gnu.org> writes:

>> From: john muhl <jm@pub.pink>
>> Cc: 75017@debbugs.gnu.org
>> Date: Sun, 22 Dec 2024 18:32:00 -0600
>> 
>> Specifically, I was surprised to find that user-init-file is
>> assumed safe but not early-init-file. After reading the
>> trusted-content part of the manual where it says “…which means no
>> file is trusted.” I assumed that included user-init-file. When I
>> saw that wasn’t the case I then assumed early-init-file would get
>> the same treatment. Maybe a little extra clarity there would be
>> sufficient for now.
>
> Maybe we should trust the early-init-file as well, but then where does
> this end?  The init files can load gobs of other files.  And there's
> also custom-file (when it isn't nil), desktop-dirname and
> desktop-base-file-name, etc. etc.

For Emacs 30 I’d end it with user-init-file, early-init-file and
custom-file. The latter is already an implicit part of trusting of
the user-init-file so it shouldn’t add any additional risk. The
former two are I think in the same category of presumed safeness
so distinguishing one as trusted and the other not seems odd.

Longer term I agree with you that more experience will lead to
better understanding of where to draw the line.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#75017: 31.0.50; Untrusted user lisp files, (continued)

Prev by Date: bug#17219: 24.3.50; wrong alignment when a list is given to dired
Next by Date: bug#74866: 29.4; fit-frame-to-window + no vertical scroll bar + ch
Previous by thread: bug#75017: 31.0.50; Untrusted user lisp files
Next by thread: bug#75017: 31.0.50; Untrusted user lisp files
Index(es):
- Date
- Thread