From: Eli Zaretskii <eliz@gnu.org>
To: Stefan Monnier <monnier@iro.umontreal.ca>
Cc: acorallo@gnu.org, jm@pub.pink, stefankangas@gmail.com,
75017@debbugs.gnu.org
Subject: bug#75017: 31.0.50; Untrusted user lisp files
Date: Sun, 22 Dec 2024 08:12:49 +0200 [thread overview]
Message-ID: <86h66w6yam.fsf@gnu.org> (raw)
In-Reply-To: <jwv4j2wcsvj.fsf-monnier+emacs@gnu.org> (message from Stefan Monnier on Sat, 21 Dec 2024 22:16:05 -0500)
> From: Stefan Monnier <monnier@iro.umontreal.ca>
> Cc: john muhl <jm@pub.pink>, 75017@debbugs.gnu.org, Eli Zaretskii
> <eliz@gnu.org>, Andrea Corallo <acorallo@gnu.org>
> Date: Sat, 21 Dec 2024 22:16:05 -0500
>
> > Maybe we should install something like the below?
>
> Fine by me, but I think this should be added via a new
> `trusted-content-function(s)` and added buffer-locally only in
> elisp-mode buffers.
Sorry, but this is slippery slope. For starters, no one said that
site-run-file is installed by a sysadmin -- that is only so on certain
systems. For example, MS-Windows is generally not in that category.
More generally, if we go this way, i.e. every complaint by some user
about a file that _could_ be trusted, or even is trusted on a group of
systems, causes us to add more and more files and directories to the
trusted list, there will be no end to this, and, significantly, Emacs
30 will never be released.
So from where I stand, what we have now on the latest emacs-30 branch
is as good and as far as it gets, at least for Emacs 30. My
suggestion to anyone who wants additional files/directories to vet to
please use the existing facilities to add them to the trusted list.
This way, we collect experience and data points regarding which
files/directories and under what conditions should be trusted, and can
improve what we have now in the future. At that future time we should
probably ask users to name the files and directories they needed to
add to the trusted list, and take it from there, making changes which
will take that into account.
If you still insist on installing such changes at this time, please do
that on master. My preference is to wait with this until we have
enough experience with what we have, which means not before Emacs 30.1
is released and a couple of months go by. But if people insist on
installing now on master, I won't object.
Thanks.
next prev parent reply other threads:[~2024-12-22 6:12 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-21 20:48 bug#75017: 31.0.50; Untrusted user lisp files john muhl
2024-12-22 2:47 ` Stefan Kangas
2024-12-22 3:16 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-22 6:12 ` Eli Zaretskii [this message]
2024-12-22 6:19 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86h66w6yam.fsf@gnu.org \
--to=eliz@gnu.org \
--cc=75017@debbugs.gnu.org \
--cc=acorallo@gnu.org \
--cc=jm@pub.pink \
--cc=monnier@iro.umontreal.ca \
--cc=stefankangas@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.