Commit fce10019 authored by Chong Yidong's avatar Chong Yidong

* faq.texi (Security risks with Emacs): Document Emacs 22

	file-local-variable mechanism.
parent 1ef252f6
2006-07-18 Chong Yidong <cyd@stupidchicken.com>
* faq.texi (Security risks with Emacs): Document Emacs 22
file-local-variable mechanism.
2006-07-17 Richard Stallman <rms@gnu.org>
* building.texi (Grep Searching): Explain about chaining grep commands.
......
......@@ -3125,14 +3125,12 @@ arbitrary Emacs Lisp code evaluated when the file is visited.
Obviously, there is a potential for Trojan horses to exploit this
feature.
Emacs 18 allowed this feature by default; users could disable it by
setting the variable @code{inhibit-local-variables} to a non-@code{nil} value.
As of Emacs 19, Emacs has a list of local variables that create a
security risk. If a file tries to set one of them, it asks the user to
confirm whether the variables should be set. You can also tell Emacs
whether to allow the evaluation of Emacs Lisp code found at the bottom
of files by setting the variable @code{enable-local-eval}.
As of Emacs 22, Emacs has a list of local variables that are known to
be safe to set. If a file tries to set any variable outside this
list, it asks the user to confirm whether the variables should be set.
You can also tell Emacs whether to allow the evaluation of Emacs Lisp
code found at the bottom of files by setting the variable
@code{enable-local-eval}.
For more information, @inforef{File Variables, File Variables, emacs}.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment