[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: My emacs was upgraded and I am a novice again
From: |
Tim X |
Subject: |
Re: My emacs was upgraded and I am a novice again |
Date: |
Sun, 07 Oct 2007 15:45:53 +1000 |
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.1.50 (gnu/linux) |
Bruce Korb <Bruce.Korb@gmail.com> writes:
> This addition: (setq disabled-command-function nil)
> seemed reasonable. It isn't quite a complete cover tho:
>
>> The local variables list in configure.in
>> contains values that may not be safe (*).
>>
>> Do you want to apply it? You can type
>> y -- to apply the local variables list.
>> n -- to ignore the local variables list.
>> ! -- to apply the local variables list, and permanently mark these
>> values (*) as safe (in the future, they will be set automatically.)
>>
>> mode : autoconf-mode
>> indent-tabs-mode : nil
>> sh-indentation : 2
>
> OK, so I've made it permanent so ``sh-indentation 2''
> will no longer be treated with suspicion. The *NEXT*
> suspicious thing will interrupt me again, however.
> I think that this:
>
> '(safe-local-variable-values (quote ((sh-indentation . 2))))
>
> should be *ENTIRELY* disabled, not just the one "sh-indentation"
> entry. I don't exactly know who thinks I need protection from
> nefarious things like two-space indentation, but the reason I
> had that assignment is because I wanted that assignment in there.
>
>> There was never such a user setting in Emacs. You always had to
>> enable each command individually (unless you are an advanced user and
>> know how to set a function to nil without causing damage).
>
> The problem, of course, are the newly added protections with
> less-than-obvious ways of telling emacs, "Please stop protecting
> me." In the case above, it is not a disabled command issue.
> It is some collection of variable values that someone thought
> would be "dangerous". So, I guess, in the end, I'm asking for
> an enhancement:
>
> (custom-set-variables
> '(protective-mode nil))
>
> and from that day forth, never worry about emacs protecting me
> from myself ever again. :-} Thank you! Cheers - Bruce
>
>
I think it is resonable to request such a feature and recommend you send
such a request to the emacs-devel list.
However, it should be explicitly noted that -
1. This is not a new feature. This protection was included in emacs 21 and
I think emacs 20.
2. The reason isn't so much to protect you from yourself, but protect you
from the malicious aims of others. Theoretically, someone could put a very
malicious (even virus/trojan like) bit of code in the local variables
section of a file. Opening that file in your emacs would cause this to be
executed and could have some nasty or unexpected consequences.
However, I think as long as the user has to actively disable
checking/verification, it is reasonable to allow such an option. I don't
like software that tries to be too much of a Nanny - if I want to do
something stupid, I should be allowed to!
Tim
--
tcross (at) rapttech dot com dot au