Received: (at 61901) by debbugs.gnu.org; 2 Mar 2023 06:57:13 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Mar 02 01:57:13 2023
Received: from localhost ([127.0.0.1]:55640 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1pXcsL-0001Zj-1o
for submit <at> debbugs.gnu.org; Thu, 02 Mar 2023 01:57:13 -0500
Received: from eggs.gnu.org ([209.51.188.92]:56196)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <eliz@HIDDEN>) id 1pXcsJ-0001ZX-QP
for 61901 <at> debbugs.gnu.org; Thu, 02 Mar 2023 01:57:12 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <eliz@HIDDEN>)
id 1pXcsE-0000qn-2n; Thu, 02 Mar 2023 01:57:06 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date:
mime-version; bh=iE9iae6A3Vz4EqqD2pb8vg7Bs7iMO4mc4QK9gaec19U=; b=PH+Wq5VRO8DK
zBZStwNUpd8xau8ShkhDi/bk0rMSG4toqH+ALDPVFXWP1lr8v3nfl9LuuOVfrAr6F5wQ3JdngitD0
7D5SerK0kMOut5kCN/H8XvL6DU3WzxJy2UYWt5Bkp14WQLDqL9frpHdzxNMX482ZsdzG0BIUBpzS3
T4rnzgRCIEoxNfc4uPmf9JHTyN+PfH/jH6SWseLYjy12oEWdwVRoJ9LvD1VwYZLC6wTsVYSNmKryP
FMyMia3A6OCblQzM5KezwOtQDHFm/hhS0Y3OrSFv+l5zoy6N/ACGFJnU7pBxLhcCXYmbVKj3gSjgO
KaIG9N55ksW6U7RQRrNwJA==;
Received: from [87.69.77.57] (helo=home-c4e4a596f7)
by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <eliz@HIDDEN>)
id 1pXcsD-00047E-JE; Thu, 02 Mar 2023 01:57:05 -0500
Date: Thu, 02 Mar 2023 08:57:21 +0200
Message-Id: <83wn3zej3i.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Antero Mejr <antero@HIDDEN>
In-Reply-To: <87sfeoksuk.fsf@HIDDEN> (bug-gnu-emacs@HIDDEN)
Subject: Re: bug#61901: 30.0.50;
[PATCH] Add permanently-enabled-local-variable-dirs variable.
References: <87sfeoksuk.fsf@HIDDEN>
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 61901
Cc: 61901 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
> Date: Wed, 01 Mar 2023 22:20:33 +0000
> From: Antero Mejr via "Bug reports for GNU Emacs,
> the Swiss army knife of text editors" <bug-gnu-emacs@HIDDEN>
>
> This patch allows users to trust directories to load dir-local variables
> from, so they don't have to do something lile this:
> (defun risky-local-variable-p (sym &optional _ignored) nil)
> as suggested here:
> https://emacs.stackexchange.com/questions/10983/remember-permission-to-execute-risky-local-variables
>
> It also works over TRAMP if enable-remote-dir-locals is true.
Thanks, IMO this is a very useful feature.
> --- a/doc/lispref/variables.texi
> +++ b/doc/lispref/variables.texi
> @@ -1974,6 +1974,12 @@ File Local Variables
> symbols.
> @end defvar
>
> +@defvar permanently-enabled-local-variable-dirs
> +This is a list of trusted directories that contain local variables.
> +Local variables in these directories will always be enabled, regardless
> +of whether they are risky.
> +@end defvar
This should explicitly allude to the '.dir-locals.el' files in those
directories, since otherwise talking about "directories that contain
variables" could be confusing.
I also suggest to rename the variable to something like
'permanently-safe-local-variable-directories', or maybe just
'safe-local-variable-directories' which IMO should express the purpose
better.
> -Also see the `permanently-enabled-local-variables' variable."
> +Also see the `permanently-enabled-local-variables' and
> +'permanently-enabled-local-variable-dirs' variables."
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We quote `like this' in doc strings, to produce links in the *Help*
buffers.
> +(defcustom permanently-enabled-local-variable-dirs '()
> + "A list of directories that contain local variables that are always
> +enabled, regardless of whether they are risky."
The first line of a doc string should be a single complete sentence.
(This is because the various apropos commands show only the first line
of the doc string.)
> @@ -3730,7 +3739,9 @@ hack-local-variables-confirm
> ! -- to apply the local variables list, and permanently mark these
> values (*) as safe (in the future, they will be set automatically.)
> i -- to ignore the local variables list, and permanently mark these
> - values (*) as ignored\n\n")
> + values (*) as ignored
> ++ -- to apply the local variables list, and permanently trust "
> + name "\n\n")
"permanently trust name" sounds confusing (what is "name"?). How
about this variant:
+ -- to apply the local variables list, and permanently trust
all directory-local variables in this directory
> @@ -3762,8 +3773,13 @@ hack-local-variables-confirm
> char)
> (when offer-save
> (push ?i exit-chars)
> - (push ?! exit-chars))
> + (push ?! exit-chars)
> + (push ?+ exit-chars))
> (setq char (read-char-choice prompt exit-chars))
> + (when (and offer-save (= char ?+))
> + (customize-push-and-save
> + 'permanently-enabled-local-variable-dirs
> + (list dir-name)))
Bother: AFAIU here we modify the user's custom file without asking for
an explicit permission. Should we ask for permission?
Last, but not least: this change is larger than what we can accept
without you assigning to FSF the copyright for your changes, and I
don't see any copyright assignment in your name on file. Would you be
willing to do the legal paperwork for such an assignment? If yes, I
will send you the form to start the paperwork rolling; when it is
completed, we can install your changes.
Thanks.
bug-gnu-emacs@HIDDEN:bug#61901; Package emacs.
Full text available.
Received: (at submit) by debbugs.gnu.org; 1 Mar 2023 22:31:03 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 01 17:31:03 2023
Received: from localhost ([127.0.0.1]:55211 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1pXUyU-0002rI-CO
for submit <at> debbugs.gnu.org; Wed, 01 Mar 2023 17:31:02 -0500
Received: from lists.gnu.org ([209.51.188.17]:36388)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <antero@HIDDEN>) id 1pXUyS-0002r3-Ci
for submit <at> debbugs.gnu.org; Wed, 01 Mar 2023 17:31:01 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <antero@HIDDEN>)
id 1pXUyS-0005XM-6I
for bug-gnu-emacs@HIDDEN; Wed, 01 Mar 2023 17:31:00 -0500
Received: from mout-p-101.mailbox.org ([80.241.56.151])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256)
(Exim 4.90_1) (envelope-from <antero@HIDDEN>)
id 1pXUyP-00053u-PB
for bug-gnu-emacs@HIDDEN; Wed, 01 Mar 2023 17:30:59 -0500
Received: from smtp202.mailbox.org (smtp202.mailbox.org [10.196.197.202])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest
SHA256) (No client certificate requested)
by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4PRppS4XlDz9sSS
for <bug-gnu-emacs@HIDDEN>; Wed, 1 Mar 2023 23:30:24 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mailbox.org;
s=mail20150812; t=1677709824;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type;
bh=K9lD2zACD9/PmXIuMYcRDKjp/UzoQ9ullRVNcrRxaBk=;
b=KJ6xHaHX3BWKFNkaQXocKluzJxhg4OEz+KdbxBAR3yLU6wKVJgzr44ds3GCDHLS/3MtFFx
DM0UPhv9uib1JvLfKIxwxlxv/vEIrqXSY1rXMS3ekZzLSTIckhN4c+nupgPRTIwIB2S0G5
fA/86g6audaSpT5Jyc4hSYV86Q190hEmx5nALAqTWfBC5yPQhSn5sMctnZBUYlVaXojVv3
GEA1M+5kVUR/lvTkXncE+hzAV2Ek8oPE2wV8YQDkJ2GmgLpZin5vPgyaOhDMLMfCgPg+E6
2+OLQT1eCr8DfagARXGEmzGNMXJ5yCJETrWmRVNvAi9n2rOQ53m7gzY3r9SHIA==
From: Antero Mejr <antero@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 30.0.50; [PATCH] Add permanently-enabled-local-variable-dirs variable.
Date: Wed, 01 Mar 2023 22:20:33 +0000
Message-ID: <87sfeoksuk.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-MBO-RS-META: hrggins9umdge4xsoz6jg36j9y6ogmcj
X-MBO-RS-ID: 1c79a36e36ecc3d0473
Received-SPF: pass client-ip=80.241.56.151; envelope-from=antero@HIDDEN;
helo=mout-p-101.mailbox.org
X-Spam_score_int: -23
X-Spam_score: -2.4
X-Spam_bar: --
X-Spam_report: (-2.4 / 5.0 requ) BAYES_00=-1.9, DKIM_INVALID=0.1,
DKIM_SIGNED=0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.3 (-)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)
--=-=-=
Content-Type: text/plain
This patch allows users to trust directories to load dir-local variables
from, so they don't have to do something lile this:
(defun risky-local-variable-p (sym &optional _ignored) nil)
as suggested here:
https://emacs.stackexchange.com/questions/10983/remember-permission-to-execute-risky-local-variables
It also works over TRAMP if enable-remote-dir-locals is true.
--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment;
filename=0001-Add-permanently-enabled-local-variable-dirs-variable.patch
From 93494f5beb4b51d989ea87755c077379458ffb04 Mon Sep 17 00:00:00 2001
From: Antero Mejr <antero@HIDDEN>
Date: Wed, 1 Mar 2023 21:59:57 +0000
Subject: [PATCH] Add permanently-enabled-local-variable-dirs variable.
This variable can be set to automatically load risky dir-local variables from
a list of trusted directories.
* lisp/emacs-lisp/files.el (permanently-enabled-local-variable-dirs,
hack-local-variables-filter, hack-local-variables-confirm): New variable and
associated logic.
* test/lisp/files-tests.el
(files-tests-permanently-enabled-local-variable-dirs): Add tests for same.
* doc/lispref/variables.texi (File Local Variables): Add documentation for
same.
* etc/NEWS (Lisp Changes in Emacs 30.1): Add news entry for same.
---
doc/lispref/variables.texi | 6 ++++++
etc/NEWS | 5 +++++
lisp/files.el | 27 ++++++++++++++++++++++-----
test/lisp/files-tests.el | 22 ++++++++++++++++++++++
4 files changed, 55 insertions(+), 5 deletions(-)
diff --git a/doc/lispref/variables.texi b/doc/lispref/variables.texi
index 5584cbce9a6..47cfb824dcb 100644
--- a/doc/lispref/variables.texi
+++ b/doc/lispref/variables.texi
@@ -1974,6 +1974,12 @@ File Local Variables
symbols.
@end defvar
+@defvar permanently-enabled-local-variable-dirs
+This is a list of trusted directories that contain local variables.
+Local variables in these directories will always be enabled, regardless
+of whether they are risky.
+@end defvar
+
@defun hack-local-variables &optional handle-mode
This function parses, and binds or evaluates as appropriate, any local
variables specified by the contents of the current buffer. The variable
diff --git a/etc/NEWS b/etc/NEWS
index 31fb22fc1e2..cc5198a903b 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -238,6 +238,11 @@ hooks named after the feature name, like 'esh-mode-unload-hook'.
* Lisp Changes in Emacs 30.1
++++
+** New variable 'permanently-enabled-local-variable-dirs'.
+This variable is used to to permanently trust directories containing
+risky directory-local variables.
+
** Functions and variables to transpose sexps
+++
diff --git a/lisp/files.el b/lisp/files.el
index 387a3b5dc66..bde126375ae 100644
--- a/lisp/files.el
+++ b/lisp/files.el
@@ -681,7 +681,8 @@ enable-local-variables
always obeys file local variable specifications and the -*- line,
and ignores this variable.
-Also see the `permanently-enabled-local-variables' variable."
+Also see the `permanently-enabled-local-variables' and
+'permanently-enabled-local-variable-dirs' variables."
:risky t
:type '(choice (const :tag "Query Unsafe" t)
(const :tag "Safe Only" :safe)
@@ -3692,6 +3693,14 @@ permanently-enabled-local-variables
"A list of file-local variables that are always enabled.
This overrides any `enable-local-variables' setting.")
+(defcustom permanently-enabled-local-variable-dirs '()
+ "A list of directories that contain local variables that are always
+enabled, regardless of whether they are risky."
+ :version "30.1"
+ :type '(repeat string)
+ :risky t
+ :group 'find-file)
+
(defun hack-local-variables-confirm (all-vars unsafe-vars risky-vars dir-name)
"Get confirmation before setting up local variable values.
ALL-VARS is the list of all variables to be set up.
@@ -3730,7 +3739,9 @@ hack-local-variables-confirm
! -- to apply the local variables list, and permanently mark these
values (*) as safe (in the future, they will be set automatically.)
i -- to ignore the local variables list, and permanently mark these
- values (*) as ignored\n\n")
+ values (*) as ignored
++ -- to apply the local variables list, and permanently trust "
+ name "\n\n")
(insert "\n\n"))
(dolist (elt all-vars)
(cond ((member elt unsafe-vars)
@@ -3754,7 +3765,7 @@ hack-local-variables-confirm
(pop-to-buffer buf '(display-buffer--maybe-at-bottom))
(let* ((exit-chars '(?y ?n ?\s))
(prompt (format "Please type %s%s: "
- (if offer-save "y, n, ! or i" "y or n")
+ (if offer-save "y, n, !, i, or +" "y or n")
(if (< (line-number-at-pos (point-max))
(window-body-height))
""
@@ -3762,8 +3773,13 @@ hack-local-variables-confirm
char)
(when offer-save
(push ?i exit-chars)
- (push ?! exit-chars))
+ (push ?! exit-chars)
+ (push ?+ exit-chars))
(setq char (read-char-choice prompt exit-chars))
+ (when (and offer-save (= char ?+))
+ (customize-push-and-save
+ 'permanently-enabled-local-variable-dirs
+ (list dir-name)))
(when (and offer-save
(or (= char ?!) (= char ?i))
unsafe-vars)
@@ -3772,7 +3788,7 @@ hack-local-variables-confirm
'safe-local-variable-values
'ignored-local-variable-values)
unsafe-vars))
- (prog1 (memq char '(?! ?\s ?y))
+ (prog1 (memq char '(?! ?\s ?y ?+))
(quit-window t)))))))
(defconst hack-local-variable-regexp
@@ -3904,6 +3920,7 @@ hack-local-variables-filter
(null unsafe-vars)
(null risky-vars))
(memq enable-local-variables '(:all :safe))
+ (member dir-name permanently-enabled-local-variable-dirs)
(hack-local-variables-confirm all-vars unsafe-vars
risky-vars dir-name))
(dolist (elt all-vars)
diff --git a/test/lisp/files-tests.el b/test/lisp/files-tests.el
index aadb60e1de7..95eaf9a6bd0 100644
--- a/test/lisp/files-tests.el
+++ b/test/lisp/files-tests.el
@@ -166,6 +166,28 @@ files-tests-permanent-local-variables
(hack-local-variables)
(should (eq lexical-binding nil)))))
+(ert-deftest files-tests-permanently-enabled-local-variable-dirs ()
+ ;; permanently-enabled-local-variable-dirs should be risky,
+ ;; so use it as an arbitrary risky variable.
+ (let ((test-alist '((permanently-enabled-local-variable-dirs
+ . "some_val")))
+ (fakedir "test1/test2")
+ (enable-local-eval t))
+ (with-temp-buffer
+ (setq permanently-enabled-local-variable-dirs (list fakedir))
+ (hack-local-variables-filter test-alist fakedir)
+ (should (equal file-local-variables-alist test-alist)))
+ (with-temp-buffer
+ (setq permanently-enabled-local-variable-dirs (list fakedir))
+ (setq noninteractive t)
+ (hack-local-variables-filter test-alist "wrong")
+ (should-not (equal file-local-variables-alist test-alist)))
+ (with-temp-buffer
+ (setq permanently-enabled-local-variable-dirs '())
+ (setq noninteractive t)
+ (hack-local-variables-filter test-alist fakedir)
+ (should-not (equal file-local-variables-alist test-alist)))))
+
(defvar files-test-bug-18141-file
(ert-resource-file "files-bug18141.el.gz")
"Test file for bug#18141.")
--
2.38.1
--=-=-=--
Antero Mejr <antero@HIDDEN>:bug-gnu-emacs@HIDDEN.
Full text available.bug-gnu-emacs@HIDDEN:bug#61901; Package emacs.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.