[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode
|
From: |
Matthew Lundin |
|
Subject: |
Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode |
|
Date: |
Wed, 30 Jun 2010 08:53:13 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.2 (gnu/linux) |
Hi Carsten,
Thanks so much both for thinking this through. And thanks again, Eric,
for your work in integrating org-babel into org-mode---including taking
into account a humble user's concerns! :)
Carsten Dominik <address@hidden> writes:
> Here is what I propose (several items are similar to what Eric proposes)
>
> 1. A new variable org-turn-on-babel. We can discuss the default.
> If it is nil, org-babel should not be loaded.
> A default of t would be fine with me if we implement other
> measures listed below.
I think the default should be t, but I also like giving users the option
of not loading org-babel.
> 2. As Eric proposes, a variable similar to org-confirm-shell-link-
> function
> This should by default query for confirmation on any org-babel
> code execution, and can be configured to shut up by people who know
> what they are doing.
>
> 3. Not loading emacs lisp evaluation by default.
>
> 4. A new key in the babel keymap for org-babel-execute-code-block,
> for example `C-c C-v e'. This should be documented as the default
> key for this operation.
>
> 5. Removing org-babel-execute-code-block from `C-c C-c'. Inclusion
> should be optional.
>
> 6. A section in the manual on code execution and associated security
> risks in Org mode. This is not only about babel, but also about
> org-eval, org-eval-light, shell links and elisp links. I have meant
> to write this section for a long time and would be willing to
> draft it. We could then refer to this section from a couple of
> places in the docs, without cluttering the docs with disclaimers.
With safeguards with 2, 4, 5, and 6, would it be safe to skip #3 and
load emacs-lisp evaluation by default? The primary risk right now is
that C-c C-c is so easy to press. But if we change the keybinding and
add a default warning, I believe the emacs-lisp evaluation would not
pose undue dangers. After all, emacs already makes it easy to evaluate
emacs-lisp code. IMO, other languages are a bit more dangerous, since
they are "out of context" in an org-mode document---i.e., one is not
necessarily as cautious about the pitfalls of executing shell commands,
perl code, etc. as one is when using the command line or executing a
script.
Best,
Matt
- [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, (continued)
- [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/29
- [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/29
- [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/29
- Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Nick Dokos, 2010/06/29
- Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/30
- Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/30
- [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Matthew Lundin, 2010/06/30
Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Carsten Dominik, 2010/06/30
Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/30
[Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Dan Davison, 2010/06/30
[Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/30
[Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Stephan Schmitt, 2010/06/30
[Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Matthew Lundin, 2010/06/30
Re: [Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/30
[Orgmode] Re: [ANN] Org-babel integrated into Org-mode, Eric Schulte, 2010/06/30