|
From: | Mattias Engdegård |
Subject: | bug#44018: Don't consider play-sound-file to be a 'safe' function |
Date: | Mon, 26 Oct 2020 18:38:07 +0100 |
26 okt. 2020 kl. 18.16 skrev Eli Zaretskii <eliz@gnu.org>: >> What is a safe Lisp expression? Basically, it's an expression that >> calls only built-in functions with no side effects (or only innocuous >> ones). Innocuous side effects include displaying messages and >> altering non-risky buffer-local variables (but not global variables). > > Thanks. But this seems to say 'message' should be considered safe? What counted as 'innocuous' back then may not do so today. Freely displaying messages to the user as if they came from a trusted system isn't necessarily harmless by modern standards of security.
[Prev in Thread] | Current Thread | [Next in Thread] |