mark .dir-locals.el buffer or file as safe instead of variables as safe

[cdelia@dc.uba.ar]

Hi,

new in town!

I have a .dir-locals.el (with a bunch of 'eval') on my project and I was 
trying to get rid of the confirmation popups.

Anyway, I'm not trying to get help, only presenting you the use case.

reading through info manual I found that we can only mark *variables* as 
*safe* but not a particular *.dir-locals.el* to be secure.

https://www.gnu.org/software/emacs/manual/html_node/emacs/Safe-File-Variables.html#Safe-File-Variables

I'm trying to wrap my head around this, and I, in my *very* humble 
opinion, think, it's a bad design decision.

and that's because:
One just *do not trust variables*, only *those who modify it*.
(1)


Example:

/path-to-my-trusted-land/some-project/.dir-locals.el

^ everything here should be legal, so why bother me with confirmation 
every time a open a file?

/path-to-hell-and-deprived-sleep-nights/some-project/.dir-locals.el

^ everything here should be used *with caution*, and maybe some kind of 
Virgilio to get us out of hell.

So, if a mark foo-variable, on trusted land to get rid of confirmation 
and just happen to open something on hell itself, by accident or glory, 
instead of a peak of dark magic knowledge I could let all hell break 
lose.


Could this be a feature to be implemented?
Should it be?

I newer yet dwell through the deeps of emacs C source, but I can give it 
a try if it isn't a sacrilege or there is something obvious that I'm not 
seeing.


(1) note that the inverse it's not necessary true: it's perfectly fine 
to mark variables as insecure.
Anyway, I'm not against the _possibility_ to mark variables as safe, I'm 
against the lack of a direct method to mark a buffer or a file that 
modify them, to be secure.