From: Max Nikulin <manikulin@gmail.com>
To: emacs-orgmode@gnu.org
Subject: Re: [PATCH] ob-core: add org-confirm-babel-evaluate-cell custom variable
Date: Thu, 15 Dec 2022 21:46:26 +0700 [thread overview]
Message-ID: <tnfc04$bv0$1@ciao.gmane.io> (raw)
In-Reply-To: <87ilicua53.fsf@localhost>
On 15/12/2022 19:25, Ihor Radchenko wrote:
> Max Nikulin writes:
>
>> I would consider reverting the commit causing user prompt for every
>> variable.
>
> I disagree. If anything, we can set the default value of
> `org-confirm-babel-evaluate-cell' to nil and apply this patch.
>
> Then, we can get the old behaviour back yet allowing concerned users to
> have more security.
I am leaving it up to you. Form my point of view it will be dead code
that increases complexity with no practical outcome. Unfortunately
setting `org-confirm-babel-evaluate-cell' to anything other than nil
results in annoyance rather than security.
Perhaps advising `org-babel-execute-src-block' with `y-or-n-p' is a
better treatment for my paranoia.
> This patch does not only affect src blocks. It affects all the users of
> `org-babel-read'.
Mostly it is called with INHIBIT-LISP-EVAL set to t.
>> https://list.orgmode.org/Y1uFDWOjZb85lk+3@protected.localdomain
>> Re: [BUG][Security] begin_src :var evaluated before the prompt to
>> confirm execution
>
> How is it related to the current discussion?
> The purpose of the security feature discussed here is not for web
> browsers or anything like that.
I am not going to add malicious source blocks to my private org files.
For some code it is better to have a prompt, but generally the issue is
not excessively important. I tend to inspect org files fetched from net
in some other application at first (browser, less, or vim).
Accidental evaluation of code is a real danger for those who insist on
opening links to org file directly in emacs or even propose to use org
as a kind of browser. I raised the security issue in response to
passionate messages demanding direct ways to work with org files from
the web. I decided to remind the context with hope that it would help to
reevaluate severity of the issue.
I do not have a better proposal, but I think I see movement in a wrong
direction.
next prev parent reply other threads:[~2022-12-15 14:47 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-10 20:28 [PATCH] ob-core: add org-confirm-babel-evaluate-cell custom variable Tom Gillespie
2022-12-11 2:58 ` Max Nikulin
2022-12-11 20:27 ` Tom Gillespie
2022-12-11 20:37 ` Tom Gillespie
2022-12-11 20:46 ` Kyle Meyer
2022-12-11 21:08 ` Tom Gillespie
2022-12-12 10:20 ` Ihor Radchenko
2022-12-13 1:53 ` Tom Gillespie
2022-12-13 9:03 ` Ihor Radchenko
2022-12-13 16:31 ` Max Nikulin
2022-12-13 21:16 ` Tom Gillespie
2022-12-14 16:40 ` Max Nikulin
2022-12-14 18:24 ` Tom Gillespie
2022-12-15 9:18 ` Ihor Radchenko
2022-12-15 9:25 ` Tom Gillespie
2022-12-15 9:57 ` tomas
2022-12-15 9:10 ` Ihor Radchenko
2022-12-15 12:10 ` Max Nikulin
2022-12-15 12:25 ` Ihor Radchenko
2022-12-15 14:46 ` Max Nikulin [this message]
2022-12-15 21:08 ` Tim Cross
2022-12-16 6:07 ` Ihor Radchenko
2022-12-16 7:22 ` Tim Cross
2022-12-18 14:19 ` Ihor Radchenko
2022-12-18 21:37 ` Tim Cross
2022-12-20 0:00 ` Tom Gillespie
2022-12-20 0:06 ` Tom Gillespie
2022-12-25 11:00 ` Ihor Radchenko
2022-12-18 14:12 ` Ihor Radchenko
2022-12-25 11:06 ` Ihor Radchenko
2022-12-29 15:58 ` Bastien Guerry
2022-12-29 16:33 ` Max Nikulin
2022-12-29 16:35 ` Ihor Radchenko
2022-12-30 8:52 ` Bastien
2022-12-30 11:10 ` Max Nikulin
2022-12-30 17:43 ` Tom Gillespie
2022-12-31 13:48 ` Ihor Radchenko
2022-12-31 16:15 ` Tom Gillespie
2023-01-02 8:34 ` [SECURITY] Arbitrary code evaluation security in Org (was: [PATCH] ob-core: add org-confirm-babel-evaluate-cell custom variable) Ihor Radchenko
2023-01-02 10:59 ` [SECURITY] Arbitrary code evaluation security in Org Greg Minshall
2023-01-03 9:52 ` [SECURITY] Tangling can overwrite arbitrary tangling targets, including important user files (was: [SECURITY] Arbitrary code evaluation security in Org) Ihor Radchenko
2023-01-02 19:00 ` [SECURITY] Arbitrary code evaluation security in Org (was: [PATCH] ob-core: add org-confirm-babel-evaluate-cell custom variable) Tim Cross
2023-01-03 11:00 ` Ihor Radchenko
2023-01-07 13:12 ` Ihor Radchenko
2023-01-02 15:13 ` [PATCH] ob-core: add org-confirm-babel-evaluate-cell custom variable Bastien Guerry
2023-01-02 15:17 ` Ihor Radchenko
2023-01-02 15:15 ` Bastien
2022-12-13 4:16 ` Kyle Meyer
2022-12-13 16:15 ` Max Nikulin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.orgmode.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='tnfc04$bv0$1@ciao.gmane.io' \
--to=manikulin@gmail.com \
--cc=emacs-orgmode@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).