From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Jonathan Groll Newsgroups: gmane.emacs.help Subject: Re: Does anyone really use emacs in terminal? Date: Thu, 09 May 2013 09:25:08 +0200 Message-ID: <87d2t0aa3v.wl%lists@groll.co.za> References: <0b72021c-139f-4269-8e81-5b5ef97fb83d@googlegroups.com> <8761yu64e4.fsf@Servus.decebal.nl> <87r4higq45.fsf@gmail.com> <87ip2tyftv.fsf@yahoo.fr> <87sj1xs9df.fsf@kuiper.lan.informatimago.com> <20130508194906.GA11349@hysteria.proulx.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Trace: ger.gmane.org 1368084327 2381 80.91.229.3 (9 May 2013 07:25:27 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 9 May 2013 07:25:27 +0000 (UTC) To: help-gnu-emacs@gnu.org Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Thu May 09 09:25:27 2013 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1UaLEE-0003TK-Nl for geh-help-gnu-emacs@m.gmane.org; Thu, 09 May 2013 09:25:26 +0200 Original-Received: from localhost ([::1]:49395 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UaLEE-00069v-75 for geh-help-gnu-emacs@m.gmane.org; Thu, 09 May 2013 03:25:26 -0400 Original-Received: from eggs.gnu.org ([208.118.235.92]:43509) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UaLE2-00069c-Cm for help-gnu-emacs@gnu.org; Thu, 09 May 2013 03:25:15 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UaLE0-0005sl-AK for help-gnu-emacs@gnu.org; Thu, 09 May 2013 03:25:14 -0400 Original-Received: from mail.groll.co.za ([166.84.7.40]:46019) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UaLE0-0005s0-6a for help-gnu-emacs@gnu.org; Thu, 09 May 2013 03:25:12 -0400 Original-Received: from mail.groll.co.za.groll.co.za (unknown [IPv6:::1]) by mail.groll.co.za (Postfix) with ESMTP id 08EB85FE4D for ; Thu, 9 May 2013 09:25:09 +0200 (SAST) In-Reply-To: User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/24.0 Mule/6.0 (HANACHIRUSATO) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.4.x-2.6.x [generic] X-Received-From: 166.84.7.40 X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Original-Sender: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.help:90562 Archived-At: On Wed, 08 May 2013 21:15:10 -0400, Stefan Monnier wrote: > > But emacs will always ask you if it should proceed due to that issue. > > It will never do it automatically. It isn't intrinsically insecure. > > Well, that depends how paranoid you are. It used to be intrinsically > insecure (only prompting the user for things known to be dicey) and has > been improved over the years (always prompting unless told that it's > safe), but there are so many variables marked as "safe" that might be > used in unexpected ways by so many packages that "intrinsically secure" > sounds naive. > > More specifically, I'd be *very* surprised if there aren't any "big > security holes" waiting to be exploited in Emacs. > > > And you would need to be exposed to hostile user attack in order to > > trigger it. > > Yes. I think that's what keeps you safe. > > > Stefan "who uses Zile when running as root" Sure, you can forget you're root, (in all cases), but dired as root is maybe more than just a nice to have. For instance, it makes it easier to browse the system logfiles, etc. I can't say that I'd never use Emacs as root - it is simply too useful, and the trade-off of potential security risk versus utility seems to me to be one that I'm willing to make. Cheers, Jonathan -- jjg: Jonathan J. Groll : groll co za has_one { :blog => "http://bloggroll.com" } Any other Disclaimer in this mail is Wrong.