From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Charles C. Berry" <ccberry@ucsd.edu>
Subject: Re: org-export-babel-evaluate=nil ignores ":exports results" setting
 - this has changed
Date: Tue, 21 Feb 2017 08:40:41 -0800
Message-ID: <alpine.OSX.2.20.1702210837500.669@charles-berrys-macbook.local>
References: <38f5c7e0-b000-f8bd-97dd-6947e3272511@psi.ch>
	<alpine.OSX.2.20.1702201539500.2883@charles-berrys-macbook.local>
	<87fuj7u89l.fsf@trex>
Mime-Version: 1.0
Content-Type: multipart/mixed; BOUNDARY="0-1191986881-1487695241=:669"
Return-path: <emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:43627)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ccberry@ucsd.edu>) id 1cgDUg-0004SI-FC
	for emacs-orgmode@gnu.org; Tue, 21 Feb 2017 11:40:51 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ccberry@ucsd.edu>) id 1cgDUd-0005Fs-C6
	for emacs-orgmode@gnu.org; Tue, 21 Feb 2017 11:40:50 -0500
Received: from iport-acv3-out.ucsd.edu ([132.239.0.4]:10081)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71)
	(envelope-from <ccberry@ucsd.edu>) id 1cgDUc-0005FD-TC
	for emacs-orgmode@gnu.org; Tue, 21 Feb 2017 11:40:47 -0500
In-Reply-To: <87fuj7u89l.fsf@trex>
List-Id: "General discussions about Org-mode." <emacs-orgmode.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-orgmode>,
	<mailto:emacs-orgmode-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-orgmode/>
List-Post: <mailto:emacs-orgmode@gnu.org>
List-Help: <mailto:emacs-orgmode-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-orgmode>,
	<mailto:emacs-orgmode-request@gnu.org?subject=subscribe>
Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org
Sender: "Emacs-orgmode"
	<emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org>
To: Aaron Ecay <aaronecay@gmail.com>
Cc: emacs-orgmode@gnu.org, Derek Feichtinger <derek.feichtinger@psi.ch>

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--0-1191986881-1487695241=:669
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8BIT

On Tue, 21 Feb 2017, Aaron Ecay wrote:

> Hi Chuck,
>
> 2017ko otsailak 20an, "Charles C. Berry"-ek idatzi zuen:
>
> [...]
>
>
>>
>> Allowing header args to be processed (as before) also allows for arbitrary
>> code to be executed.  The point of setting ‘org-export-use-babel’ or
>> `org-export-babel-evaluate' to nil was to prevent this.  For that reason
>> the former behavior was a bug.
>
> Iʼm not sure I agree that itʼs so simple.  There are still ways to execute
> arbitrary code on export independently of babel (e.g. eval macros).  The
> advice to use o-e-babel-evaluate for security was never (IMO) correct –
> the only properly secure wat to export untrusted documents would involve
> some kind of sandboxing of the emacs executable.
>

Fair enough.

[snip]

>
> Taking a step back, I would ask what justifies o-e-b-eʼs existence at
> all.  This thread demonstrates that itʼs not the right way to prevent
> babel blocks from executing on export.  Itʼs also not a good solution to
> the security issue.  Given the potential for confusion, Iʼd be in favor
> of deprecating it entirely unless thereʼs some compelling reason for it
> to exist that Iʼve overlooked.

In view of your point above about `eval' macros, I do not disagree.

Chuck.
--0-1191986881-1487695241=:669--