Home Explore Help
Sign In
swflint
/
org-mode-mirror
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Increase security by limiting what file variables can do for evaluation query.

* lisp/org.el (org-confirm-shell-link-function):
(org-confirm-elisp-link-function): Limit the values that can be set by
file variables.
Carsten Dominik 15 years ago
parent
025a96d46f
commit
a0962e02fd
1 changed files with 6 additions and 0 deletions
Split View Show Diff Stats
  1. 6 0
      lisp/org.el

+ 6 - 0
lisp/org.el
View File 

@@ -1488,6 +1488,9 @@ single keystroke rather than having to type \"yes\"."
 
 	  (const :tag "with yes-or-no (safer)" yes-or-no-p)
 
 	  (const :tag "with y-or-n (faster)" y-or-n-p)
 
 	  (const :tag "no confirmation (dangerous)" nil)))
 
+(put 'org-confirm-shell-link-function
 
+     'safe-local-variable
 
+     '(lambda (x) (member x '(yes-or-no-p y-or-n-p))))
 
 
 (defcustom org-confirm-elisp-link-function 'yes-or-no-p
 
   "Non-nil means ask for confirmation before executing Emacs Lisp links.
 
@@ -1505,6 +1508,9 @@ single keystroke rather than having to type \"yes\"."
 
 	  (const :tag "with yes-or-no (safer)" yes-or-no-p)
 
 	  (const :tag "with y-or-n (faster)" y-or-n-p)
 
 	  (const :tag "no confirmation (dangerous)" nil)))
 
+(put 'org-confirm-shell-link-function
 
+     'safe-local-variable
 
+     '(lambda (x) (member x '(yes-or-no-p y-or-n-p))))
 
 
 (defconst org-file-apps-defaults-gnu
 
   '((remote . emacs)