bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable

From:	Glenn Morris
Subject:	bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable
Date:	Tue, 08 Feb 2022 20:08:14 -0500
User-agent:	Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/)

I suppose the assumption is that code already available in the user's
environment is not intrinsically malicious (ie does not contain
deliberately harmful mode definitions). Rather the file-local variables
safety mechanisms are intended to protect against malicious code
actually embedded in the file being visited; something like eval:
(shell-command ...).

It underlines again the need to be careful about what elisp libraries
one installs (although the simple act of installing a package can
already directly execute arbitrary code anyway).

[Prev in Thread]

Current Thread

[Next in Thread]

bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable, Ignacio Casso, 2022/02/08
- bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable, Glenn Morris, 2022/02/08
  - bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable, Glenn Morris <=
  - bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable, Lars Ingebrigtsen, 2022/02/09

Prev by Date: bug#53871: 29.0.50; Emacs freezes with new child-frame option
Next by Date: bug#53889: 29.0.50; obsolete git-sh-setup function sane_egrep in pre-commit hook
Previous by thread: bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable
Next by thread: bug#53876: 27.2; "eval: (X-mode)" is always safe as file local variable
Index(es):
- Date
- Thread