From: Jean Louis <bugs@gnu.support>
To: help-gnu-emacs@gnu.org
Subject: eval myths - Re: How to tame compiler?
Date: Fri, 30 Apr 2021 23:23:03 +0300 [thread overview]
Message-ID: <YIxnJ+HcWBUWBsqp@protected.localdomain> (raw)
In-Reply-To: <874kfn292f.fsf@disroot.org>
* Jorge P. de Morais Neto <jorge+list@disroot.org> [2021-04-30 17:29]:
> Hi all!
>
> Em [2021-04-22 qui 10:46:59-0400], Stefan Monnier escreveu:
>
> >> Is there a way to avoid these warnings?
> >
> > Yes: don't abuse `eval` ;-)
>
> Jean Louis, could you provide a little more detail on what are you using
> ~eval~ for? Some tasks accomplished by eval can be done more safely by
> other means. For example, if you just want symbol indirection, you can
> use ~symbol-value~ (there is also ~symbol-function~). If you want to
> apply a function object to a sequence of arguments, you can use ~apply~
> or ~funcall~.
>
> I know little about Elisp; more experienced hackers may know about other
> mechanisms that avoid the need for ~eval~.
Good read:
https://en.wikipedia.org/wiki/Eval#Security_risks
My eval-ing is equally dangerous as Org Babel evaling. If I write some
destructive commands, well, it will be destructive.
There is no special security risk there, as eval-ing does not take
place online. But I could as well do it online, even then there need
not be any security risk as I can tell which data goes into eval and
decide not to include dynamic data, but currently I do not see any
need for that.
I could write text with eval-ing markup and have it interpolated by
using Emacs on the fly, it would be pretty fast WWW publishing. Let us
say I wish to say when is document last modified, I could just
include:
Last modified: ⟦ (last-modified) ⟧ and it would interpolate into time
stamp of the file in question.
Eval I use also in the nodes in the PostgreSQL database. I am thinking
also to have various database types define for themselves their
presentation or export functions. Right now I have Emacs hashes in the
database. It is similar to properties in Org mode, though I have
properties also as PostgreSQL array type. Some document entry could be
saved in the hash, it expands PostgreSQL data type into something that
Emacs understands, such hash has to be evaled.
Let us say, I defined "Markdown Flavour X" as type, then the type
could have its functions inside of itself in the database. That would
be evaluated with eval and run. HTML could be generated, or some other
program. Instead of hard coding it statically in a program, a remote
or collaborative program could simply access the database by which
access program would be extended, fetched from remote database and
executed. Of course it gives to the remote resource full control about
which program is there. But then there can be PGP signature for
verification if necessary.
--
Jean
Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns
Sign an open letter in support of Richard M. Stallman
https://stallmansupport.org/
https://rms-support-letter.github.io/
next prev parent reply other threads:[~2021-04-30 20:23 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-22 14:43 How to tame compiler? Jean Louis
2021-04-22 14:46 ` Stefan Monnier
2021-04-22 15:47 ` Jean Louis
2021-04-22 16:06 ` Jean Louis
2021-04-30 13:31 ` Jorge P. de Morais Neto
2021-04-30 19:38 ` rcd-template-eval - was " Jean Louis
2021-04-30 19:48 ` rcd-template-eval, much is in Org mode Jean Louis
2021-04-30 20:06 ` Tassilo Horn
2021-04-30 22:08 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-04-30 23:04 ` Org mode rant Jean Louis
2021-05-01 0:46 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 6:10 ` Jean Louis
2021-05-01 6:34 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 9:41 ` On markdown images Jean Louis
2021-05-01 9:59 ` Yuri Khan
2021-05-01 10:18 ` Jean Louis
2021-05-01 11:09 ` Yuri Khan
2021-05-01 11:25 ` Jean Louis
2021-05-02 19:30 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-03 5:43 ` Yuri Khan
2021-05-03 17:08 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-03 23:22 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-04 2:39 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 5:00 ` Org mode rant Bastien
2021-05-01 5:10 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 9:16 ` Jean Louis
2021-05-01 10:06 ` Bastien
2021-05-01 10:42 ` Jean Louis
2021-05-01 10:10 ` Bastien
2021-05-01 11:19 ` Jean Louis
2021-05-01 13:48 ` [External] : " Drew Adams
2021-05-01 14:05 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 10:10 ` Bastien
2021-04-30 20:23 ` Jean Louis [this message]
2021-04-30 22:11 ` eval myths - Re: How to tame compiler? Emanuel Berg via Users list for the GNU Emacs text editor
2021-04-30 23:07 ` Jean Louis
2021-05-01 0:28 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 8:13 ` tomas
2021-04-30 22:06 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-04-30 22:20 ` Stefan Monnier
2021-04-30 22:31 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-04-30 22:50 ` Stefan Monnier
2021-04-30 22:56 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 0:44 ` Michael Heerdegen
2021-05-01 3:49 ` Stefan Monnier
2021-05-01 4:55 ` Michael Heerdegen
2021-05-01 6:34 ` Jean Louis
2021-05-01 13:38 ` Stefan Monnier
2021-05-01 16:19 ` Jean Louis
2021-05-02 5:41 ` Michael Heerdegen
2021-05-02 7:37 ` Jean Louis
2021-05-02 7:45 ` Jean Louis
2021-05-02 9:06 ` tomas
2021-05-02 11:18 ` Jean Louis
2021-05-02 12:24 ` tomas
2021-05-02 18:17 ` Jean Louis
2021-05-02 12:06 ` Stages of WWW development compared to Emacs Lisp development Jean Louis
2021-05-02 16:51 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-02 18:37 ` Jean Louis
2021-05-02 16:45 ` How to tame compiler? Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-02 22:29 ` Stefan Monnier
2021-05-02 23:14 ` Jean Louis
2021-05-03 1:58 ` Eduardo Ochs
2021-05-03 6:51 ` Eval in templates - " Jean Louis
2021-05-01 4:53 ` Michael Heerdegen
2021-05-01 7:05 ` Jean Louis
2021-05-01 7:59 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-01 6:03 ` Jean Louis
2021-05-01 6:17 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-05-02 5:58 ` Michael Heerdegen
2021-05-02 6:54 ` Jean Louis
2021-05-03 21:39 ` Jean Louis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YIxnJ+HcWBUWBsqp@protected.localdomain \
--to=bugs@gnu.support \
--cc=help-gnu-emacs@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.