|
From: | Jim Porter |
Subject: | Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop |
Date: | Wed, 8 Mar 2023 09:03:30 -0800 |
On 3/8/2023 6:17 AM, Eli Zaretskii wrote:
From: Robert Pluim <rpluim@gmail.com> Cc: Po Lu <luangruo@yahoo.com>, emacs-devel@gnu.org Date: Wed, 08 Mar 2023 12:47:19 +0100 We can then add `--funcall' to emacs-30, and revisit this there.Fair warning: I will object to adding --funcall just for this niche problem. We didn't reach an agreement about --funcall at the time, and for good reasons; this particular use case does absolutely nothing to change the outcome of that discussion.
In bug#57752, we'd discussed adding --apply to emacs and emacsclient, which might work better for this case, as well as to make other similar cases easier: Org mode uses some pretty extensive hacks in order to get org-protocol:// URLs working in emacsclient, and eliminating that would be very nice.
[Prev in Thread] | Current Thread | [Next in Thread] |