unofficial mirror of emacs-orgmode@gnu.org
 help / color / mirror / Atom feed
* Confusion about org-confirm-babel-evaluate's behavior while exporting lob calls
@ 2020-10-14 20:18 吴锐扬
  0 siblings, 0 replies; only message in thread
From: 吴锐扬 @ 2020-10-14 20:18 UTC (permalink / raw)
  To: emacs-orgmode

Hi,

I have org-confirm-babel-evaluate set to t by default. With this, I expect to be queried with the execution of every code block or lob call. However, this does not happen when exporting lob calls (to latex for example). Here is an example:
______________________________________

1. Exporting code block (with evaluation)
#+name: foo
#+begin_src emacs-lisp :exports both
  (message "hello world!")
#+end_src

When exporting this to latex, I get queried as expected. And there is no way to suppress the query unless I change org-confirm-babel-evaluate to nil.

2. Exporting lob call
#+name: foo
#+begin_src emacs-lisp
  (message "hello world!")
#+end_src

#+call: foo()

When exporting this to latex, I don’t get queried. This seems dangerous to me.
______________________________________

I find it hard to explain this inconsistency. If org-confirm-babel-evaluate is designed to be a protective layer, then a user might export an org file that includes malicious code along with a lob call, while unawarely execute that code without being warned. This seems to defeat the purpose of org-confirm-babel-evaluate.

As I searched the archive, I found this change was introduced in the following thread: https://lists.gnu.org/archive/html/emacs-orgmode/2013-04/msg00764.html

+             (let (org-confirm-babel-evaluate)
+               (org-babel-execute-src-block nil info))))))))))

Do you think this is the intended behavior of org-confirm-babel-evaluate, or am I missing something?

Thanks,
Ruiyang



^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2020-10-14 20:21 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-14 20:18 Confusion about org-confirm-babel-evaluate's behavior while exporting lob calls 吴锐扬

unofficial mirror of emacs-orgmode@gnu.org

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://yhetil.org/orgmode/0 orgmode/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 orgmode orgmode/ https://yhetil.org/orgmode \
		emacs-orgmode@gnu.org
	public-inbox-index orgmode

Example config snippet for mirrors.
Newsgroups are available over NNTP:
	nntp://news.yhetil.org/yhetil.emacs.orgmode
	nntp://news.gmane.io/gmane.emacs.orgmode


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git