[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#28350: enriched.el code execution

From: Glenn Morris
Subject: bug#28350: enriched.el code execution
Date: Mon, 11 Sep 2017 12:32:38 -0400
User-agent: Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/)

Eli Zaretskii wrote:

>> At this point it seems that unsafe display specs are more the
>> exception than the rule, so it might make sense to define the
>> `enriched-display-prop-safe-p' function by excluding the unsafe
>> specifications instead of including the safe ones.  What do you
>> think?
> I'm not sure.  The display spec can be complex, so to make sure none
> of these exceptions sneak through, you will have to recursively unpack
> the spec data structure and examine each of the elements, which smells
> too similar to emulating 'eval'.  No?

FWIW, there is 'unsafep'.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]