Date: Thu, 02 Mar 2023 08:57:21 +0200
From: Eli Zaretskii <eliz@HIDDEN>
To: Antero Mejr <antero@HIDDEN>
Cc: 61901 <at> debbugs.gnu.org
Subject: Re: bug#61901: 30.0.50; [PATCH] Add permanently-enabled-local-variable-dirs variable.

> Date: Wed, 01 Mar 2023 22:20:33 +0000
> From: Antero Mejr via "Bug reports for GNU Emacs,
> the Swiss army knife of text editors" <bug-gnu-emacs@HIDDEN>
>
> This patch allows users to trust directories to load dir-local variables
> from, so they don't have to do something like this:
> (defun risky-local-variable-p (sym &optional _ignored) nil)
> as suggested here:
> https://emacs.stackexchange.com/questions/10983/remember-permission-to-execute-risky-local-variables
>
> It also works over TRAMP if enable-remote-dir-locals is true.

Thanks, IMO this is a very useful feature.

> --- a/doc/lispref/variables.texi > +++ b/doc/lispref/variables.texi
> @@ -1974,6 +1974,12 @@ File Local Variables > symbols. > @end defvar > > +@defvar permanently-enabled-local-variable-dirs > +This is a list of trusted directories that contain local variables. > +Local variables in these directories will always be enabled, regardless > +of whether they are risky. > +@end defvar

This should explicitly allude to the '.dir-locals.el' files in those directories, since otherwise talking about "directories that contain variables" could be confusing.

I also suggest to rename the variable to something like 'permanently-safe-local-variable-directories', or maybe just 'safe-local-variable-directories' which IMO should express the purpose better.

> -Also see the `permanently-enabled-local-variables' variable." > +Also see the `permanently-enabled-local-variables' and > +'permanently-enabled-local-variable-dirs' variables."
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

We quote `like this' in doc strings, to produce links in the *Help* buffers.

> +(defcustom permanently-enabled-local-variable-dirs '() > + "A list of directories that contain local variables that are always > +enabled, regardless of whether they are risky."

The first line of a doc string should be a single complete sentence. (This is because the various apropos commands show only the first line of the doc string.)

> @@ -3730,7 +3739,9 @@ hack-local-variables-confirm > ! -- to apply the local variables list, and permanently mark these > values (*) as safe (in the future, they will be set automatically.) > i -- to ignore the local variables list, and permanently mark these > - values (*) as ignored\n\n") > + values (*) as ignored > ++ -- to apply the local variables list, and permanently trust " > + name "\n\n")

"permanently trust name" sounds confusing (what is "name"?). How about this variant:

  + -- to apply the local variables list, and permanently trust all directory-local variables in this directory

> @@ -3762,8 +3773,13 @@ hack-local-variables-confirm > char) > (when offer-save > (push ?i exit-chars) > - (push ?! exit-chars)) > + (push ?! exit-chars) > + (push ?+ exit-chars)) > (setq char (read-char-choice prompt exit-chars)) > + (when (and offer-save (= char ?+)) > + (customize-push-and-save > + 'permanently-enabled-local-variable-dirs > + (list dir-name)))

Bother: AFAIU here we modify the user's custom file without asking for an explicit permission. Should we ask for permission?

Last, but not least: this change is larger than what we can accept without you assigning to FSF the copyright for your changes, and I don't see any copyright assignment in your name on file. Would you be willing to do the legal paperwork for such an assignment? If yes, I will send you the form to start the paperwork rolling; when it is completed, we can install your changes.

Thanks.
From: Antero Mejr <antero@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 30.0.50; [PATCH] Add permanently-enabled-local-variable-dirs variable.
Date: Wed, 01 Mar 2023 22:20:33 +0000

This patch allows users to trust directories to load dir-local variables
from, so they don't have to do something like this:
(defun risky-local-variable-p (sym &optional _ignored) nil)
as suggested here:
https://emacs.stackexchange.com/questions/10983/remember-permission-to-execute-risky-local-variables

It also works over TRAMP if enable-remote-dir-locals is true.
--=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-Add-permanently-enabled-local-variable-dirs-variable.patch From 93494f5beb4b51d989ea87755c077379458ffb04 Mon Sep 17 00:00:00 2001 From: Antero Mejr <antero@HIDDEN> Date: Wed, 1 Mar 2023 21:59:57 +0000 Subject: [PATCH] Add permanently-enabled-local-variable-dirs variable. This variable can be set to automatically load risky dir-local variables from a list of trusted directories. * lisp/emacs-lisp/files.el (permanently-enabled-local-variable-dirs, hack-local-variables-filter, hack-local-variables-confirm): New variable and associated logic. * test/lisp/files-tests.el (files-tests-permanently-enabled-local-variable-dirs): Add tests for same. * doc/lispref/variables.texi (File Local Variables): Add documentation for same. * etc/NEWS (Lisp Changes in Emacs 30.1): Add news entry for same. --- doc/lispref/variables.texi | 6 ++++++ etc/NEWS | 5 +++++ lisp/files.el | 27 ++++++++++++++++++++++----- test/lisp/files-tests.el | 22 ++++++++++++++++++++++ 4 files changed, 55 insertions(+), 5 deletions(-) diff --git a/doc/lispref/variables.texi b/doc/lispref/variables.texi index 5584cbce9a6..47cfb824dcb 100644 --- a/doc/lispref/variables.texi +++ b/doc/lispref/variables.texi @@ -1974,6 +1974,12 @@ File Local Variables symbols. @end defvar +@defvar permanently-enabled-local-variable-dirs +This is a list of trusted directories that contain local variables. +Local variables in these directories will always be enabled, regardless +of whether they are risky. +@end defvar + @defun hack-local-variables &optional handle-mode This function parses, and binds or evaluates as appropriate, any local variables specified by the contents of the current buffer. The variable diff --git a/etc/NEWS b/etc/NEWS index 31fb22fc1e2..cc5198a903b 100644 --- a/etc/NEWS +++ b/etc/NEWS 
@@ -238,6 +238,11 @@ hooks named after the feature name, like 'esh-mode-unload-hook'. * Lisp Changes in Emacs 30.1 ++++ +** New variable 'permanently-enabled-local-variable-dirs'. +This variable is used to to permanently trust directories containing +risky directory-local variables. + ** Functions and variables to transpose sexps +++ diff --git a/lisp/files.el b/lisp/files.el index 387a3b5dc66..bde126375ae 100644 --- a/lisp/files.el +++ b/lisp/files.el @@ -681,7 +681,8 @@ enable-local-variables always obeys file local variable specifications and the -*- line, and ignores this variable. -Also see the `permanently-enabled-local-variables' variable." +Also see the `permanently-enabled-local-variables' and +'permanently-enabled-local-variable-dirs' variables." :risky t :type '(choice (const :tag "Query Unsafe" t) (const :tag "Safe Only" :safe) @@ -3692,6 +3693,14 @@ permanently-enabled-local-variables "A list of file-local variables that are always enabled. This overrides any `enable-local-variables' setting.") +(defcustom permanently-enabled-local-variable-dirs '() + "A list of directories that contain local variables that are always +enabled, regardless of whether they are risky." + :version "30.1" + :type '(repeat string) + :risky t + :group 'find-file) + (defun hack-local-variables-confirm (all-vars unsafe-vars risky-vars dir-name) "Get confirmation before setting up local variable values. ALL-VARS is the list of all variables to be set up. @@ -3730,7 +3739,9 @@ hack-local-variables-confirm ! -- to apply the local variables list, and permanently mark these values (*) as safe (in the future, they will be set automatically.) i -- to ignore the local variables list, and permanently mark these - values (*) as ignored\n\n") + values (*) as ignored ++ -- to apply the local variables list, and permanently trust " + name "\n\n") (insert "\n\n")) (dolist (elt all-vars) (cond ((member elt unsafe-vars) 
@@ -3754,7 +3765,7 @@ hack-local-variables-confirm (pop-to-buffer buf '(display-buffer--maybe-at-bottom)) (let* ((exit-chars '(?y ?n ?\s)) (prompt (format "Please type %s%s: " - (if offer-save "y, n, ! or i" "y or n") + (if offer-save "y, n, !, i, or +" "y or n") (if (< (line-number-at-pos (point-max)) (window-body-height)) "" @@ -3762,8 +3773,13 @@ hack-local-variables-confirm char) (when offer-save (push ?i exit-chars) - (push ?! exit-chars)) + (push ?! exit-chars) + (push ?+ exit-chars)) (setq char (read-char-choice prompt exit-chars)) + (when (and offer-save (= char ?+)) + (customize-push-and-save + 'permanently-enabled-local-variable-dirs + (list dir-name))) (when (and offer-save (or (= char ?!) (= char ?i)) unsafe-vars) @@ -3772,7 +3788,7 @@ hack-local-variables-confirm 'safe-local-variable-values 'ignored-local-variable-values) unsafe-vars)) - (prog1 (memq char '(?! ?\s ?y)) + (prog1 (memq char '(?! ?\s ?y ?+)) (quit-window t))))))) (defconst hack-local-variable-regexp @@ -3904,6 +3920,7 @@ hack-local-variables-filter (null unsafe-vars) (null risky-vars)) (memq enable-local-variables '(:all :safe)) + (member dir-name permanently-enabled-local-variable-dirs) (hack-local-variables-confirm all-vars unsafe-vars risky-vars dir-name)) (dolist (elt all-vars) diff --git a/test/lisp/files-tests.el b/test/lisp/files-tests.el index aadb60e1de7..95eaf9a6bd0 100644 --- a/test/lisp/files-tests.el +++ b/test/lisp/files-tests.el 
@@ -166,6 +166,28 @@ files-tests-permanent-local-variables (hack-local-variables) (should (eq lexical-binding nil))))) +(ert-deftest files-tests-permanently-enabled-local-variable-dirs () + ;; permanently-enabled-local-variable-dirs should be risky, + ;; so use it as an arbitrary risky variable. + (let ((test-alist '((permanently-enabled-local-variable-dirs + . "some_val"))) + (fakedir "test1/test2") + (enable-local-eval t)) + (with-temp-buffer + (setq permanently-enabled-local-variable-dirs (list fakedir)) + (hack-local-variables-filter test-alist fakedir) + (should (equal file-local-variables-alist test-alist))) + (with-temp-buffer + (setq permanently-enabled-local-variable-dirs (list fakedir)) + (setq noninteractive t) + (hack-local-variables-filter test-alist "wrong") + (should-not (equal file-local-variables-alist test-alist))) + (with-temp-buffer + (setq permanently-enabled-local-variable-dirs '()) + (setq noninteractive t) + (hack-local-variables-filter test-alist fakedir) + (should-not (equal file-local-variables-alist test-alist))))) + (defvar files-test-bug-18141-file (ert-resource-file "files-bug18141.el.gz") "Test file for bug#18141.") -- 2.38.1 --=-=-=--
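Review bot: In the hack-local-variables-filter hunk of lisp/files.el (@@ -3904), `(member dir-name permanently-enabled-local-variable-dirs)` is an exact string comparison, so whether a directory is treated as trusted depends on how its name is spelled. A trailing slash, `~` versus the expanded home directory, or a path reached through a symlink produces a different string and falls through to hack-local-variables-confirm, and the defcustom (`:type '(repeat string)`) does not say which form is expected. Because a match skips the confirmation for risky variables, either normalize both sides before comparing (for example with expand-file-name and file-name-as-directory) or document the exact form an entry must have.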
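Review bot: In the hack-local-variables-confirm hunk of lisp/files.el (@@ -3762), `+` is pushed onto exit-chars and acted on whenever offer-save is true, with no check that dir-name is non-nil. If this function can be reached with dir-name unset, `(list dir-name)` saves a list containing nil into the user's customizations. Guard both `(push ?+ exit-chars)` and the customize-push-and-save call on dir-name, and mention `+` in the prompt string only in that case.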
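Review bot: In the test/lisp/files-tests.el hunk, each with-temp-buffer block assigns permanently-enabled-local-variable-dirs and noninteractive with setq, which changes their global values for the rest of the test run: noninteractive is left at t, and if the first block fails, "test1/test2" stays in the trusted list. Let-bind both variables around each case instead, next to the existing enable-local-eval binding, so the test cannot leak a trusted directory into later tests.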