[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: per-file (or, really, per buffer) allowing/disallowing code block ex
From: |
tomas |
Subject: |
Re: per-file (or, really, per buffer) allowing/disallowing code block execution |
Date: |
Thu, 8 Sep 2022 19:41:48 +0200 |
On Thu, Sep 08, 2022 at 12:34:25PM +0000, Fedja Beader wrote:
> Hello Richard, Ihor and Steven,
>
> I'm aware that file-local variables exist, but it seems that
> all documentation for them put them *into the file*, which is not secure for
> files downloaded from the internet. What is to stop a malicious file from
> setting an "yes, execute me automatically" variable?
While loading the file, only "safe variables" are set without
warning (actually it's a bit more complex: specific variable-
value pairs can be marked as "safe".
See e.g. "12.12 File Local Variables" in the elisp manual.
Cheers
--
t
signature.asc
Description: PGP signature
- per-file (or, really, per buffer) allowing/disallowing code block execution, Fedja Beader, 2022/09/06
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Ihor Radchenko, 2022/09/06
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Greg Minshall, 2022/09/06
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Steven Harris, 2022/09/06
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Ihor Radchenko, 2022/09/08
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Fedja Beader, 2022/09/08
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution,
tomas <=
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Ihor Radchenko, 2022/09/09
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Fedja Beader, 2022/09/09
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Ihor Radchenko, 2022/09/11
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Greg Minshall, 2022/09/12
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Tim Cross, 2022/09/12
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Greg Minshall, 2022/09/13
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Rudolf Adamkovič, 2022/09/19
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Greg Minshall, 2022/09/19
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Rudolf Adamkovič, 2022/09/21
- Re: per-file (or, really, per buffer) allowing/disallowing code block execution, Max Nikulin, 2022/09/22