From: Daniel Mendler via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
To: Dmitry Gutov <dmitry@gutov.dev>
Cc: 74879@debbugs.gnu.org, Stefan Monnier <monnier@iro.umontreal.ca>,
Stefan Kangas <stefankangas@gmail.com>
Subject: bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers
Date: Tue, 17 Dec 2024 12:30:14 +0100 [thread overview]
Message-ID: <87h6721r95.fsf@daniel-mendler.de> (raw)
In-Reply-To: <e97bbc5e-eb4a-46b7-aa96-3db1a56173a2@gutov.dev> (Dmitry Gutov's message of "Tue, 17 Dec 2024 03:42:16 +0200")
Dmitry Gutov <dmitry@gutov.dev> writes:
> And with code completion they press C-M-i - which is something people do
> regularly as well. It wouldn't really matter than auto-completion handler runs
> once per input while you only press C-M-i once per minute, or even once per
> hour. To compromise a system or the user's data (this is what we're talking
> about, right?), it only needs to happen once.
>
> I don't imagine we're going to slap a "there be dragons" warning on every
> auto-completion option, and on 'completion-at-point' either.
I don't disagree with your points. For me the issue here has been solved
satisfactorily given Stefan's recent changes in the emacs-30 branch,
such that the trust facilities can be used in non-file buffers.
As for the usefulness of the trust feature - I think one can use it for
both disabling certain dangerous code like macro expansion to close a
security hole, and also to adjust confirmation settings in user
configurations.
For example in trusted buffers or trusted files confirmation a user
might want to execute Org babel or Org links directly, while this should
not happen in downloaded files or buffers coming from Gnus. While
disabling confirmation decreases security, disabling confirmation only
in trusted buffers is still better than disabling confirmation globally.
The same applies to file-local variables. In trusted files, one may want
to activate file-local variables always or with confirmation, while in
untrusted files, local variables should be disabled entirely or only
:safe variables should be loaded.
Daniel
next prev parent reply other threads:[~2024-12-17 11:30 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-15 0:39 bug#74879: 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 10:16 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 10:47 ` Eli Zaretskii
2024-12-15 10:56 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 11:18 ` Eli Zaretskii
2024-12-15 11:37 ` Ihor Radchenko
2024-12-15 12:29 ` Eli Zaretskii
2024-12-15 12:50 ` Ihor Radchenko
2024-12-15 13:38 ` Eli Zaretskii
2024-12-15 13:46 ` Stefan Kangas
2024-12-16 13:32 ` Dmitry Gutov
2024-12-16 13:41 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-17 1:42 ` Dmitry Gutov
2024-12-17 11:30 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors [this message]
2024-12-15 14:03 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 14:30 ` Stefan Kangas
2024-12-15 22:24 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 14:55 ` Gerd Möllmann
2024-12-15 15:10 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 15:16 ` Gerd Möllmann
2024-12-15 18:38 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-15 22:41 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-16 7:52 ` Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-16 12:39 ` Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-16 14:31 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-16 21:59 ` Stefan Kangas
2024-12-17 17:38 ` Ihor Radchenko
2024-12-18 0:04 ` Stefan Kangas
2024-12-16 9:29 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-16 14:43 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-16 18:48 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-16 9:43 ` Daniel Mendler via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-18 14:11 ` Dmitry Gutov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h6721r95.fsf@daniel-mendler.de \
--to=bug-gnu-emacs@gnu.org \
--cc=74879@debbugs.gnu.org \
--cc=dmitry@gutov.dev \
--cc=mail@daniel-mendler.de \
--cc=monnier@iro.umontreal.ca \
--cc=stefankangas@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).