From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id gE97LTOaF2OXZAEAbAwnHQ (envelope-from ) for ; Tue, 06 Sep 2022 21:06:27 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id aHhgLTOaF2OMzwAAauVa8A (envelope-from ) for ; Tue, 06 Sep 2022 21:06:27 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id C7BA21160A for ; Tue, 6 Sep 2022 21:06:26 +0200 (CEST) Received: from localhost ([::1]:37392 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oVdtx-0001aV-II for larch@yhetil.org; Tue, 06 Sep 2022 15:06:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:41694) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oVdtB-0001aE-Vb for emacs-orgmode@gnu.org; Tue, 06 Sep 2022 15:05:37 -0400 Received: from relay-egress-host.us-east-2.a.mail.umich.edu ([13.59.128.245]:47962 helo=useful-rhiannon.relay-egress.a.mail.umich.edu) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oVdt7-0001qN-T2 for emacs-orgmode@gnu.org; Tue, 06 Sep 2022 15:05:37 -0400 Received: from curious-duende.authn-relay.a.mail.umich.edu (ip-10-0-72-56.us-east-2.compute.internal [10.0.72.56]) by useful-rhiannon.relay-egress.a.mail.umich.edu with ESMTPS id 631799FC.AC1F97C.1663019C.2154983; Tue, 06 Sep 2022 15:05:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umich.edu; s=relay-2018-08-29; t=1662491131; bh=vfsXrMYiSE2MlAqmdkTCALnISYAJ1tTtlQb1gwES0P8=; h=To:cc:From:Subject:In-reply-to:References:Date; b=Ze6j1n/QmsIx9IVMidm6jGe669C/rdVX5Kt7g5MjNXHh0pDLObrBsqgEcX20BlX+r QQEQav+5U4zO/2HHI8CaLa1xGu7WxgPdbFAjyKV03OuypE8qPR/7b+UB+gvjK4j0Ct dI6zQqcofLbpH4Nj/ksZsielS9XgOKYXcjdk9LPbDq9CiaSeYmqWv4pN85AkQ7V7n7 h3+CZviqEYtZ8T+3BkfMHNxgR6HRT2jUgDrO3V8rkp7Er8cEL6CMS/oNVjiw5yxbE6 an4yBld+6LQHPvuULEAHCgyHMcbL4qlevYOPpoMGu2IpBRe09t8eEVfWwi9CdtB4i0 HBsdiDncsJL2g== Received: from localhost (Mismatch [85.103.37.149]) by curious-duende.authn-relay.a.mail.umich.edu with ESMTPSA id 631799FA.229D0610.24A6F849.2139387; Tue, 06 Sep 2022 15:05:31 -0400 To: Fedja Beader cc: "emacs-orgmode@gnu.org" From: Greg Minshall Subject: Re: per-file (or, really, per buffer) allowing/disallowing code block execution In-reply-to: References: Comments: In-reply-to Fedja Beader message dated "Mon, 05 Sep 2022 23:50:49 +0000." X-Mailer: MH-E 8.6+git; nmh 1.7.1; GNU Emacs 28.1.91 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <595134.1662491125.1@archlinux> Date: Tue, 06 Sep 2022 22:05:25 +0300 Message-ID: <595135.1662491125@archlinux> Received-SPF: pass client-ip=13.59.128.245; envelope-from=minshall@umich.edu; helo=useful-rhiannon.relay-egress.a.mail.umich.edu X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: "Emacs-orgmode" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1662491187; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=vfsXrMYiSE2MlAqmdkTCALnISYAJ1tTtlQb1gwES0P8=; b=buPOwnMjK5aUq+u0+F1fgGM4z0IY0kiz9ZhzmjrkVRscDSCa5HmYmPayZ+v6cIiCILSAny /H9uhUXys6fJmw+mdZkCoZUzJbE88tirhzUfaKUfRfAHepI8eiAV3jjllS1cAm0aUoXqfK jTHIXpufq2oLk8H8Sp3TM/0iUiUwc0BOb3sU9rtoOAQgFzcituVLitq1uR9BPUk38N+gbA I8LlRmmI43TtG5zk5GFDEAuQmOP2JCyOJ++MxzAfRtGKSDyAVgR5GmndKl0RJtPd4aS2hx qrvE6LYZ90At46/BpIEXe5BJjeNQIzlvrKZUJeWqdLAIdOPkM+q3rj/aIjCrJw== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1662491187; a=rsa-sha256; cv=none; b=ccyrgZ0BCdLUA4w5jJBHoa3cCUT+54Vuh9oov/hfO6COJVwptH8X+5YRxIAYOqQVHC4rDs qiyr0+eSitzakNaWKuqvF96JGHoex8XRfzhIAEzqmBaR6mvyw7buGGhmOcpUsitM4EB1FD P0qWRLbBuJt5aS2yuUHWZqIbnsqYp0wghAY8Z64ZgGqYXwGlVEFR6I4yWxNXl5tARjS5q7 TPA0nt8tfB70gsLQVGjvoV8RUkM5hqg0NlXZdMGddYz/VwFLMPvHEIb/AiOjeqSKjzCX1a NvSu3M5vLcjarvW3d+50l9F44sk2kGCtq42emxBASdxc0neGIyazABR/yTieeQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=umich.edu header.s=relay-2018-08-29 header.b="Ze6j1n/Q"; dmarc=pass (policy=none) header.from=umich.edu; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -7.67 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=umich.edu header.s=relay-2018-08-29 header.b="Ze6j1n/Q"; dmarc=pass (policy=none) header.from=umich.edu; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: C7BA21160A X-Spam-Score: -7.67 X-Migadu-Scanner: scn0.migadu.com X-TUID: 3CHykfm2STwh Fedja, > What I would like to have, to safely and easily use org-mode > as an interactive notebook, is to not have to overload this > function and to be asked only once per buffer/file whether to: > 1) Unconditionally allow executing all code blocks > 2) Unconditionally disallow executing all code blocks > 3) Ask for every block. i think that is an interesting idea, and maybe a more pleasant user interface than what we currently have. probably, for me, it would allow me to drop a number of buffer-local variable customizations, as i'm typically evaluating code in a given buffer over and over again (and, so, would be happy to pay the price of saying "yes" once per buffer (per emacs instance). i'd be curious to hear what the downsides might be, especially anyone who sees security-related downsides. Ihor, > 1) You can set org-confirm-babel-evaluate buffer-locally > 2) Same or set :eval no header arg. (see > https://orgmode.org/org.html#Evaluating-Code-Blocks) > 3) You can set :eval query header arg. for me the use case is 1) disabling all (or setting to "query") when, e.g., you are exporting some file you received via e-mail and so trust *none* of the code blocks; 2) enabling all for some file that you yourself maintain, and so trust *all* the code blocks. at least initially, this seems a nice direction. cheers, Greg