unofficial mirror of emacs-devel@gnu.org 
 help / color / mirror / code / Atom feed
* Re: unsafep - Malicious code detector
       [not found] <3CA5E22D.FF89331E@comcast.net>
@ 2002-04-01  5:16 ` Richard Stallman
  2002-05-13 19:04   ` Florian Weimer
  0 siblings, 1 reply; 2+ messages in thread
From: Richard Stallman @ 2002-04-01  5:16 UTC (permalink / raw)
  Cc: emacs-devel

This could be very useful, but I think it needs to overcome
some of these limitations:

    ;; This is a simplistic implementation that does not allow any access to
    ;; files or buffers or global variables.

Why not allow read-access to files, buffers and global variables?

    ;;  2.  It's a symbol with the `side-effect-free' property, defined by the
    ;;      byte compiler or user.  We extend the meaning of this property:
    ;;      value nil indicates that the function or macro has side effects
    ;;      but is otherwise safe.

I think it would be cleaner to use a different property for that
purpose.

    ;;  3.  It's a member of list `unsafep-disable', so the user says it's safe.

How about renaming that to `safe-function'.

    ;; A lexical binding is unsafe if its symbol:

Emacs Lisp does not have lexical bindings, so what does that
really refer to?

    ;; A target variable is unsafe if:

What is a "target variable"?

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: unsafep - Malicious code detector
  2002-04-01  5:16 ` unsafep - Malicious code detector Richard Stallman
@ 2002-05-13 19:04   ` Florian Weimer
  0 siblings, 0 replies; 2+ messages in thread
From: Florian Weimer @ 2002-05-13 19:04 UTC (permalink / raw)
  Cc: jyavner, emacs-devel

Richard Stallman <rms@gnu.org> writes:

>     ;; This is a simplistic implementation that does not allow any access to
>     ;; files or buffers or global variables.
>
> Why not allow read-access to files, buffers and global variables?

Read access to files opens covert channels (using the file atime).

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-05-13 19:04 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <3CA5E22D.FF89331E@comcast.net>
2002-04-01  5:16 ` unsafep - Malicious code detector Richard Stallman
2002-05-13 19:04   ` Florian Weimer

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).