Re: Risky local variable mechanism

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Risky local variable mechanism

From:	Stefan Monnier
Subject:	Re: Risky local variable mechanism
Date:	Wed, 01 Feb 2006 12:00:58 -0500
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux)

>> Maybe "string and integer custom vars" are all safe, I don't know.
> No, sendmail-program is not safe, nor is max-eval-lisp-depth.

Indeed, names of external programs need to be ruled out.

OTOH I think the only danger with max-eval-lisp-depth is DoS, which I'd
rather ignore because it's a tremendously harder problem to solve than
direct security holes.


        Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Risky local variable mechanism, Jonathan Yavner, 2006/02/01
- Re: Risky local variable mechanism, Stefan Monnier <=
  - Re: Risky local variable mechanism, Kim F. Storm, 2006/02/01
    - Re: Risky local variable mechanism, Stefan Monnier, 2006/02/02
- Re: Risky local variable mechanism, Chong Yidong, 2006/02/01
- Re: Risky local variable mechanism, Richard M. Stallman, 2006/02/02
  - Re: Risky local variable mechanism, Stefan Monnier, 2006/02/02
- Re: Risky local variable mechanism, Richard M. Stallman, 2006/02/01
  - Re: Risky local variable mechanism, David Kastrup, 2006/02/02
    - Re: Risky local variable mechanism, Kim F. Storm, 2006/02/02
    - Re: Risky local variable mechanism, Richard M. Stallman, 2006/02/03
- Re: Risky local variable mechanism, Richard M. Stallman, 2006/02/01

Prev by Date: Re: "Misunderstanding of the lambda calculus"
Next by Date: Re: FYI: QuickTime 7.0.4 breakage
Previous by thread: Re: Risky local variable mechanism
Next by thread: Re: Risky local variable mechanism
Index(es):
- Date
- Thread