From 4a78e1b5ea98dee569ff690037c661ab5c300194 Mon Sep 17 00:00:00 2001 From: Tom Gillespie Date: Sat, 10 Dec 2022 12:11:17 -0800 Subject: [PATCH 1/2] ob-core: add org-confirm-babel-evaluate-cell custom variable * lisp/ob-core.el (org-confirm-babel-evaluate-cell): Added to control execution of cells separate from execution of src blocks, it works in exactly the same way as `org-confirm-babel-evaluate'. * lisp/ob-core.el (org-babel-read): `org-confirm-babel-evaluate-cell' is used to check cells independent of `org-confirm-babel-evaluate'. Following the change in 10e857d42859a55b23cd4206ffce3ebd0f678583 it became extremely annoying to tangle files that make extensive use of elisp expression in src block #+header: statements. This commit resolves the issue by making it possible to ignore checks on cells (the old behavior) without compromising general security for running src blocks. This is necessary because there is no easy way to hop swap `org-confirm-babel-evaluate' between `org-get-src-block-info' where `org-babel-read' is called and the execution of that src block. It could probably be done using advice around `org-babel-read', but that is a level of hackery that should be avoided. --- lisp/ob-core.el | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/lisp/ob-core.el b/lisp/ob-core.el index 2fa9d8978..d56e47de5 100644 --- a/lisp/ob-core.el +++ b/lisp/ob-core.el @@ -128,6 +128,14 @@ remove code block execution from the `\\[org-ctrl-c-ctrl-c]' keybinding." ;; don't allow this variable to be changed through file settings (put 'org-confirm-babel-evaluate 'safe-local-variable (lambda (x) (eq x t))) +(defcustom org-confirm-babel-evaluate-cell t + "Confirm before evaluating a cell. +This follows the same conventions as `org-confirm-babel-evaluate'." + :group 'org-babel + :package-version '(Org . "9.6") + :type '(choice boolean function) + :safe (lambda (x) (eq x t))) + (defcustom org-babel-no-eval-on-ctrl-c-ctrl-c nil "\\\ Remove code block evaluation from the `\\[org-ctrl-c-ctrl-c]' key binding." @@ -3180,11 +3188,14 @@ situations in which is it not appropriate." (string= cell "*this*"))) ;; Prevent arbitrary function calls. (if (and (memq (string-to-char cell) '(?\( ?`)) + (if (functionp org-confirm-babel-evaluate-cell) + (funcall org-confirm-babel-evaluate-cell "emacs-lisp" cell) + org-confirm-babel-evaluate-cell) (not (org-babel-confirm-evaluate - ;; See `org-babel-get-src-block-info'. - (list "emacs-lisp" (format "%S" cell) - '((:eval . yes)) nil (format "%S" cell) - nil nil)))) + ;; See `org-babel-get-src-block-info'. + (list "emacs-lisp" (format "%S" cell) + '((:eval . yes)) nil (format "%S" cell) + nil nil)))) ;; Not allowed. (user-error "Evaluation of elisp code %S aborted." cell) (eval (read cell) t))) -- 2.37.4