From: Max Nikulin
To: emacs-orgmode@gnu.org
Subject: Re: [PATCH] ob-core: add org-confirm-babel-evaluate-cell custom variable
Date: Wed, 14 Dec 2022 23:40:52 +0700
References: <87359ld5ye.fsf@kyleam.com> <874ju0j538.fsf@localhost>

Tom, does the following not allow achieving the same without your patch?

#+begin_src elisp :results none
;; Skip the confirmation prompt only for Emacs Lisp bodies that parse to
;; one of a few known-safe forms; everything else still asks.
(setq-local org-confirm-babel-evaluate
            (lambda (lang body)
              (not (and (member lang '("elisp" "emacs-lisp"))
                        (let ((rb (read body)))
                          (or (member rb '((or) (and)
                                           ;; add more forms that are known safe here
                                           ))
                              (and (consp rb)
                                   (eq (car rb) 'identity)
                                   (let ((v (cadr rb)))
                                     (or (symbolp v)
                                         (stringp v)
                                         (numberp v))))))))))
#+end_src

I know, it does not work, but I think it is due to (format "%S" cell) instead of passing cell directly in

- '((:eval . yes)) nil (format "%S" cell)

My point is that if some expression is safe for a variable value then it is safe for the source block body.

On 14/12/2022 04:16, Tom Gillespie wrote:
>> Will it be clear to users what "cell" means in this context?
>
> I assume the language was originally chosen
> with tables in mind, but I think it is clear? The
> one issue is that using org-babel-confirm-evaluate
> doesn't use the word "cell" in the yes-or-no-p prompt.

Have you ever seen the prompt for a table? I suppose tables are the most prominent security issue related to unsolicited code execution:

Max Nikulin to emacs-orgmode. Re: [BUG][Security] begin_src :var evaluated before the prompt to confirm execution. Fri, 28 Oct 2022 11:11:18 +0700. https://list.orgmode.org/tjfkp7$ggm$1@ciao.gmane.io

I am still in doubt whether

10e857d42 2022-10-28 11:09:50 +0800 Ihor Radchenko: org-babel-read: Obey `org-confirm-babel-evaluate'

was an unambiguous improvement. Perhaps it just forces more users to set `org-confirm-babel-evaluate' to nil, compromising their security to a more severe degree.
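As an added example (not from Max's message and not Org's own code), a stricter version of the same idea: instead of matching a few fixed forms, the predicate walks the parsed body and accepts only literal data, quoted data and calls to a small allow-list of pure functions. The `my/` helper names and the contents of `my/babel-pure-functions` are assumptions chosen for this example.

```elisp
(require 'cl-lib)

;; Allow-list of functions treated as side-effect free (an assumption made
;; for this example; extend or shrink it to taste).
(defvar my/babel-pure-functions
  '(identity list concat format number-to-string)
  "Functions considered safe to call from an unconfirmed Babel body.")

(defun my/babel-safe-form-p (form)
  "Return non-nil if FORM is literal data or an allow-listed call.
Variable references are rejected, since their value is not known here."
  (cond
   ((or (null form) (eq form t) (keywordp form)
        (stringp form) (numberp form) (vectorp form))
    t)
   ((symbolp form) nil)
   ((not (consp form)) nil)
   ((eq (car form) 'quote) t)
   ((memq (car form) my/babel-pure-functions)
    (cl-every #'my/babel-safe-form-p (cdr form)))
   (t nil)))

(defun my/babel-safe-lisp-body-p (body)
  "Return non-nil if every top-level form in the string BODY is safe.
Input that does not parse (or ends in a comment) is treated as unsafe."
  (condition-case nil
      (with-temp-buffer
        (insert body)
        (goto-char (point-min))
        (let ((ok t))
          (while (and ok
                      (progn (skip-chars-forward " \t\n\r")
                             (not (eobp))))
            (setq ok (my/babel-safe-form-p (read (current-buffer)))))
          ok))
    (error nil)))

;; Prompt unless the block is Emacs Lisp that passes the check.  Since Org
;; hands the predicate the printed form of a :var cell (see the quoted diff
;; line above), the same check also applies to cell values.
(setq org-confirm-babel-evaluate
      (lambda (lang body)
        (not (and (member lang '("elisp" "emacs-lisp"))
                  (my/babel-safe-lisp-body-p body)))))
```

Evaluate the block in an Emacs session and then try `(my/babel-safe-lisp-body-p "(concat \"a\" \"b\")")` against a body that calls a function outside the allow-list to see the two outcomes.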