[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Unsafe file variables...
|
From: |
Richard Stallman |
|
Subject: |
Re: Unsafe file variables... |
|
Date: |
Mon, 05 Apr 2004 02:36:45 -0400 |
I think that using authentication for such problems is the wrong approach.
We should check the safety of the code instead.
There is a package whose job is to check an expression for safety.
I installed it last year, but I don't recall the file name.
Of course, it is conservative--there are many programs which are
safe, but it can't tell, so it says "no". That being so, I am not
sure whether this approach will do a good job in practice.
But a good solution was proposed
a while back here: add a customization variable that allows the user to
specify a list of safe code which he's willing to eval in the future.
Perhaps the two features can be combined.
That package could treat anything it finds in that list as "safe".
- Unsafe file variables..., David Kastrup, 2004/04/03
- Re: Unsafe file variables..., Richard Stallman, 2004/04/04
- Re: Unsafe file variables..., Stefan Monnier, 2004/04/04
- Re: Unsafe file variables..., Stefan Monnier, 2004/04/04
- Re: Unsafe file variables..., David Kastrup, 2004/04/04
- Re: Unsafe file variables..., Stefan Monnier, 2004/04/04
- Re: Unsafe file variables..., David Kastrup, 2004/04/04
- Re: Unsafe file variables..., Stefan Monnier, 2004/04/04
- Re: Unsafe file variables..., David Kastrup, 2004/04/05
- Re: Unsafe file variables...,
Richard Stallman <=
- Re: Unsafe file variables..., Kim F. Storm, 2004/04/05
- Re: Unsafe file variables..., Richard Stallman, 2004/04/06
- Re: Unsafe file variables..., Kevin Rodgers, 2004/04/07
- Re: Unsafe file variables..., Kim F. Storm, 2004/04/05
Re: Unsafe file variables..., Kim F. Storm, 2004/04/04