[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Confusion about org-confirm-babel-evaluate's behavior while exportin
From: |
吴锐扬 |
Subject: |
Re: Confusion about org-confirm-babel-evaluate's behavior while exporting lob calls |
Date: |
Tue, 27 Oct 2020 10:47:04 -0700 |
This is just a follow up to see if anyone have insights on this matter. Thanks
Ruiyang
> On Oct 14, 2020, at 1:18 PM, 吴锐扬 <ywwry66@gmail.com> wrote:
>
> Hi,
>
> I have org-confirm-babel-evaluate set to t by default. With this, I expect to
> be queried with the execution of every code block or lob call. However, this
> does not happen when exporting lob calls (to latex for example). Here is an
> example:
> ______________________________________
>
> 1. Exporting code block (with evaluation)
> #+name: foo
> #+begin_src emacs-lisp :exports both
> (message "hello world!")
> #+end_src
>
> When exporting this to latex, I get queried as expected. And there is no way
> to suppress the query unless I change org-confirm-babel-evaluate to nil.
>
> 2. Exporting lob call
> #+name: foo
> #+begin_src emacs-lisp
> (message "hello world!")
> #+end_src
>
> #+call: foo()
>
> When exporting this to latex, I don’t get queried. This seems dangerous to me.
> ______________________________________
>
> I find it hard to explain this inconsistency. If org-confirm-babel-evaluate
> is designed to be a protective layer, then a user might export an org file
> that includes malicious code along with a lob call, while unawarely execute
> that code without being warned. This seems to defeat the purpose of
> org-confirm-babel-evaluate.
>
> As I searched the archive, I found this change was introduced in the
> following thread:
> https://lists.gnu.org/archive/html/emacs-orgmode/2013-04/msg00764.html
>
> + (let (org-confirm-babel-evaluate)
> + (org-babel-execute-src-block nil info))))))))))
>
> Do you think this is the intended behavior of org-confirm-babel-evaluate, or
> am I missing something?
>
> Thanks,
> Ruiyang
>