From: Eli Zaretskii <eliz@gnu.org>
To: Ihor Radchenko <yantar92@posteo.net>
Cc: mail@daniel-mendler.de, 74879@debbugs.gnu.org,
monnier@iro.umontreal.ca, stefankangas@gmail.com
Subject: bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers
Date: Sun, 15 Dec 2024 14:29:38 +0200 [thread overview]
Message-ID: <8634iprux9.fsf@gnu.org> (raw)
In-Reply-To: <87y10hb2im.fsf@localhost> (message from Ihor Radchenko on Sun, 15 Dec 2024 11:37:37 +0000)
> From: Ihor Radchenko <yantar92@posteo.net>
> Cc: Daniel Mendler <mail@daniel-mendler.de>, 74879@debbugs.gnu.org,
> monnier@iro.umontreal.ca, stefankangas@gmail.com
> Date: Sun, 15 Dec 2024 11:37:37 +0000
>
> Eli Zaretskii <eliz@gnu.org> writes:
>
> > The question is serious: how do we envision this "trust" thing to work
> > with buffers that don't visit files? If we are to change the code,
> > certainly on the emacs-30 branch, we need a solid solution which
> > provides more safety/security to users. Adding a variable doesn't
> > solve a problem, it _adds_ a problem (how to populate the variable).
>
> Let me try.
>
> If buffer contents is not coming from a file, it must be generated by
> some Elisp code. That code may as well set trust status.
> For example, *scratch* buffer may have its contents (automatically
> generated) marked as trusted by default.
>
> Does it make sense?
Are you in effect saying that every buffer that doesn't visit a file
should be trusted? If that's accepted, it doesn't need any function.
And can we really trust arbitrary ELisp code that to set trust?
And what about buffers whose contents came from a network connection?
What about buffers whose contents came from inserting some file or
part thereof, or were generated by processing some file?
What about buffers whose contents came from a program Emacs invoked?
next prev parent reply other threads:[~2024-12-15 12:29 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-15 0:39 bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 10:16 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 10:47 ` Eli Zaretskii
2024-12-15 10:56 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 11:18 ` Eli Zaretskii
2024-12-15 11:37 ` Ihor Radchenko
2024-12-15 12:29 ` Eli Zaretskii [this message]
2024-12-15 12:50 ` Ihor Radchenko
2024-12-15 13:38 ` Eli Zaretskii
2024-12-15 13:46 ` Stefan Kangas
2024-12-15 14:03 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 14:30 ` Stefan Kangas
2024-12-15 14:55 ` Gerd Möllmann
2024-12-15 15:10 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 15:16 ` Gerd Möllmann
2024-12-15 18:38 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8634iprux9.fsf@gnu.org \
--to=eliz@gnu.org \
--cc=74879@debbugs.gnu.org \
--cc=mail@daniel-mendler.de \
--cc=monnier@iro.umontreal.ca \
--cc=stefankangas@gmail.com \
--cc=yantar92@posteo.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).