[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: make defcustom automatically mark some variables as safe
From: |
Stefan Monnier |
Subject: |
Re: make defcustom automatically mark some variables as safe |
Date: |
Thu, 25 Oct 2007 21:18:14 -0400 |
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) |
> What do people think of the idea of changing defcustom to give
> some variable types a safe-local-variable property by default?
> I mean that, eg, defcustom'ing a variable of :type integer would do:
> (put 'variable 'safe-local-variable 'integerp)
> Similarly for :type boolean (booleanp), string and regexp (stringp),
> and others where it makes sense.
I think this is wrong: one of the main changes in Emacs-22 w.r.t file-local
variables is that we made them safe: from no on, a file-local variable
should never be blindly accepted if we're not "sure" that it's safe.
So this would be a step backward since it would usually make good decisions
but not always (e.g. `enable-local-eval' could very well have been defined
with `:type boolean') so that would introduce security holes until someone
notices them.
Stefan