From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: "Richard M. Stallman" Newsgroups: gmane.emacs.devel Subject: Re: Risky local variable mechanism Date: Thu, 02 Feb 2006 11:21:27 -0500 Message-ID: References: <200602011024.29973.jyavner@member.fsf.org> Reply-To: rms@gnu.org NNTP-Posting-Host: main.gmane.org Content-Type: text/plain; charset=ISO-8859-15 X-Trace: sea.gmane.org 1138903878 31132 80.91.229.2 (2 Feb 2006 18:11:18 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Thu, 2 Feb 2006 18:11:18 +0000 (UTC) Cc: monnier@iro.umontreal.ca, emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Feb 02 19:11:07 2006 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by ciao.gmane.org with esmtp (Exim 4.43) id 1F4iup-0003Gy-96 for ged-emacs-devel@m.gmane.org; Thu, 02 Feb 2006 19:10:43 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1F4ixw-0003WW-Pu for ged-emacs-devel@m.gmane.org; Thu, 02 Feb 2006 13:13:56 -0500 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1F4hHX-00026a-4z for emacs-devel@gnu.org; Thu, 02 Feb 2006 11:26:03 -0500 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1F4hHV-00025l-9T for emacs-devel@gnu.org; Thu, 02 Feb 2006 11:26:02 -0500 Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1F4hHU-00025d-So for emacs-devel@gnu.org; Thu, 02 Feb 2006 11:26:01 -0500 Original-Received: from [199.232.76.164] (helo=fencepost.gnu.org) by monty-python.gnu.org with esmtp (Exim 4.52) id 1F4hGH-0006TH-2B; Thu, 02 Feb 2006 11:24:45 -0500 Original-Received: from rms by fencepost.gnu.org with local (Exim 4.34) id 1F4hD5-0004Nw-WD; Thu, 02 Feb 2006 11:21:29 -0500 Original-To: Jonathan Yavner In-reply-to: <200602011024.29973.jyavner@member.fsf.org> (message from Jonathan Yavner on Wed, 1 Feb 2006 10:24:29 -0500) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:49929 Archived-At: > Maybe "string and integer custom vars" are all safe, I don't know. No, sendmail-program is not safe, nor is max-eval-lisp-depth. The worst you can do by setting max-lisp-eval-depth is to make Emacs crash or get an error. I am not sure binding sendmail-program is unsafe. It will generally have no effect if you bind it locally in a buffer that isn't a mail buffer. But looking at the more general issue of binding variables that specify programs to run, I am not sure how much of a security issue that is, other than for root. It can only run programs that exist. Even if you could set sendmail-program globally in Emacs, could you actually find a value that would predictably do harm?