From: Stefan Monnier <monnier@IRO.UMontreal.CA>
To: Chong Yidong <cyd@stupidchicken.com>
Cc: djcb@djcbsoftware.nl, emacs-devel@gnu.org
Subject: Re: theme and a question about creating them
Date: Wed, 05 Jan 2011 16:05:09 -0500 [thread overview]
Message-ID: <jwvipy3m7a9.fsf-monnier+emacs@gnu.org> (raw)
In-Reply-To: <87ipy7z8zd.fsf@stupidchicken.com> (Chong Yidong's message of "Sun, 02 Jan 2011 09:16:38 -0500")
>> (defconst mycolor "#123456")
>> (deftheme mytheme)
>> (custom-theme-set-faces 'mytheme
>> `(default ((t (:background ,mycolor)))))
> Currently, the theme loading code is too strict about the forms in the
> theme file that it will evaluate. It uses `unsafep' to check the forms,
> and (defconst mycolor "#123456") is considered unsafe under the criteria
> used by `unsafep'.
> I am not sure what's the best way of handling this.
How 'bout:
(deftheme mytheme)
(let ((mycolor "#123456"))
(custom-theme-set-faces 'mytheme
`(default ((t (:background ,mycolor))))))
> Maybe we should just go back to unconditionally loading theme files,
> since it's unlikely we can make evaluating Elisp code truly safe.
> Any objections or alternative ideas?
IIUC the problem is that users tend to expect themes to be "just data",
without any possible risks, so they may try themes they download from
random places on the web.
So, I think it's OK to use unsafep to weed out the "safe" themes, and
prompt users for the remaining themes. But the prompt should make it
clear that we have no determined the theme to be dangerous, just that
Emacs did not recognize it as obviously safe and is unable to assess
whether it's dangerous or not.
Stefan
next prev parent reply other threads:[~2011-01-05 21:05 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-31 15:52 theme and a question about creating them Dirk-Jan C. Binnema
2011-01-02 14:16 ` Chong Yidong
2011-01-02 17:38 ` Yavuz
2011-01-05 19:26 ` Dirk-Jan C. Binnema
2011-01-05 21:05 ` Stefan Monnier [this message]
2011-01-05 22:30 ` Johan Bockgård
2011-01-07 3:36 ` Stefan Monnier
2011-01-08 3:12 ` Johan Bockgård
2011-01-08 5:26 ` Stefan Monnier
2011-01-11 18:57 ` Johan Bockgård
2011-01-06 0:49 ` Chong Yidong
2011-01-08 19:28 ` Chong Yidong
2011-01-15 0:48 ` Johan Bockgård
2011-01-19 22:42 ` Johan Bockgård
2011-01-20 3:04 ` Chong Yidong
2011-01-20 15:46 ` Stefan Monnier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=jwvipy3m7a9.fsf-monnier+emacs@gnu.org \
--to=monnier@iro.umontreal.ca \
--cc=cyd@stupidchicken.com \
--cc=djcb@djcbsoftware.nl \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).