Commit b7617f6d authored by Chong Yidong's avatar Chong Yidong

Record "safe themes" as sha1 hashes, as suggested by Stefan Monnier.

* lisp/custom.el (custom-safe-themes): Rename from
custom-safe-theme-files.  Add :risky tag.
(load-theme, custom-theme-load-confirm): Save sha1 hashes to
custom-safe-themes, not filenames.  Suggested by Stefan Monnier.
parent 900503ae
......@@ -219,9 +219,10 @@ Emacs no longer looks for custom themes in `load-path'. The default
is to search in `custom-theme-directory', followed by a built-in theme
directory named "themes/" in `data-directory'.
*** New option `custom-safe-theme-files' lists known-safe theme files.
If a theme is not in this list, Emacs queries before loading it.
The default value treats all themes included in Emacs as safe.
*** New option `custom-safe-themes' records known-safe theme files.
If a theme is not in this list, Emacs queries before loading it, and
offers to save the theme to `custom-safe-themes' automatically. By
default, all themes included in Emacs are treated as safe.
** The user option `remote-file-name-inhibit-cache' controls whether
the remote file-name cache is used for read access.
......
2011-01-09 Chong Yidong <cyd@stupidchicken.com>
* custom.el (custom-safe-themes): Rename from
custom-safe-theme-files. Add :risky tag.
(load-theme, custom-theme-load-confirm): Save sha1 hashes to
custom-safe-themes, not filenames. Suggested by Stefan Monnier.
2011-01-09 Chong Yidong <cyd@stupidchicken.com>
* tool-bar.el (tool-bar-setup): Remove Help button. Remove label
......
......@@ -1105,14 +1105,16 @@ property `theme-feature' (which is usually a symbol created by
(let ((custom-enabling-themes t))
(enable-theme 'user))))
(defcustom custom-safe-theme-files '(default)
"List of theme files that are considered safe to load.
Each list element should be either an absolute file name, or the
symbol `default', which stands for the built-in Emacs theme
directory (a directory named \"themes\" in `data-directory'."
(defcustom custom-safe-themes '(default)
"List of themes that are considered safe to load.
Each list element should be the `sha1' hash of a theme file, or
the symbol `default', which stands for any theme in the built-in
Emacs theme directory (a directory named \"themes\" in
`data-directory')."
:type '(repeat
(choice file (const :tag "Built-in theme directory" default)))
(choice string (const :tag "Built-in themes" default)))
:group 'customize
:risky t
:version "24.1")
(defvar safe-functions) ; From unsafep.el
......@@ -1140,74 +1142,74 @@ in one of the directories specified by `custom-theme-load-path'."
(put theme 'theme-documentation nil))
(let ((fn (locate-file (concat (symbol-name theme) "-theme.el")
(custom-theme--load-path)
'("" "c"))))
'("" "c")))
hash)
(unless fn
(error "Unable to find theme file for `%s'." theme))
;; Check file safety.
(when (or (and (memq 'default custom-safe-theme-files)
(equal (file-name-directory fn)
(expand-file-name "themes/" data-directory)))
(member fn custom-safe-theme-files)
;; If the file is not in the builtin theme directory or
;; in `custom-safe-theme-files', check it with unsafep.
(with-temp-buffer
(require 'unsafep)
(insert-file-contents fn)
(let ((safe-functions (append '(provide-theme deftheme
custom-theme-set-variables
custom-theme-set-faces)
safe-functions))
unsafep form)
(while (and (setq form (condition-case nil
(let ((read-circle nil))
(read (current-buffer)))
(end-of-file nil)))
(null (setq unsafep (unsafep form)))))
(or (null unsafep)
(custom-theme-load-confirm fn)))))
(let ((custom--inhibit-theme-enable no-enable))
(load fn)))))
(defun custom-theme-load-confirm (filename)
(with-temp-buffer
(insert-file-contents fn)
(setq hash (sha1 (current-buffer)))
;; Check file safety.
(when (or (and (memq 'default custom-safe-themes)
(equal (file-name-directory fn)
(expand-file-name "themes/" data-directory)))
(member hash custom-safe-themes)
;; If the theme is not in `custom-safe-themes', check
;; it with unsafep.
(progn
(require 'unsafep)
(let ((safe-functions
(append '(provide-theme deftheme
custom-theme-set-variables
custom-theme-set-faces)
safe-functions))
unsafep form)
(while (and (setq form (condition-case nil
(let ((read-circle nil))
(read (current-buffer)))
(end-of-file nil)))
(null (setq unsafep (unsafep form)))))
(or (null unsafep)
(custom-theme-load-confirm hash)))))
(let ((custom--inhibit-theme-enable no-enable))
(eval-buffer))))))
(defun custom-theme-load-confirm (hash)
"Query the user about loading a Custom theme that may not be safe.
The theme should be in the current buffer. If the user agrees,
query also about adding HASH to `custom-safe-themes'."
(if noninteractive
nil
(let ((existing-buffer (find-buffer-visiting filename))
(exit-chars '(?y ?n ?\s ?\C-g))
(let ((exit-chars '(?y ?n ?\s))
prompt char)
(save-window-excursion
(if existing-buffer
(pop-to-buffer existing-buffer)
(find-file filename))
(unwind-protect
(progn
(setq prompt
(format "This theme is not guaranteed to be safe. Really load? %s"
(if (< (line-number-at-pos (point-max))
(window-body-height))
"(y or n) "
(push ?\C-v exit-chars)
"Type y or n, or C-v to scroll: ")))
(goto-char (point-min))
(while (null char)
(setq char (read-char-choice prompt exit-chars t))
(when (eq char ?\C-v)
(condition-case nil
(scroll-up)
(error (goto-char (point-min))))
(setq char nil)))
(when (memq char '(?\s ?y))
(push filename custom-safe-theme-files)
;; Offer to save to `custom-safe-theme-files'.
(and (or custom-file user-init-file)
(y-or-n-p "Treat %s as safe for future loads? "
(file-name-nondirectory filename))
(let ((coding-system-for-read nil))
(customize-save-variable
'custom-safe-theme-files
custom-safe-theme-files)))
t))
;; Unwind form.
(unless existing-buffer (kill-buffer)))))))
(rename-buffer "*Custom Theme*" t)
(emacs-lisp-mode)
(display-buffer (current-buffer))
(setq prompt
(format "This theme is not guaranteed to be safe. Really load? %s"
(if (< (line-number-at-pos (point-max))
(window-body-height))
"(y or n) "
(push ?\C-v exit-chars)
"Type y or n, or C-v to scroll: ")))
(goto-char (point-min))
(while (null char)
(setq char (read-char-choice prompt exit-chars))
(when (eq char ?\C-v)
(condition-case nil
(scroll-up)
(error (goto-char (point-min))))
(setq char nil)))
(when (memq char '(?\s ?y))
(push hash custom-safe-themes)
;; Offer to save to `custom-safe-themes'.
(and (or custom-file user-init-file)
(y-or-n-p "Treat this theme as safe for future loads? ")
(let ((coding-system-for-read nil))
(customize-save-variable 'custom-safe-themes
custom-safe-themes)))
t)))))
(defun custom-theme-name-valid-p (name)
"Return t if NAME is a valid name for a Custom theme, nil otherwise.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment