diff options
| author | Chong Yidong <cyd@stupidchicken.com> | 2006-07-19 02:22:51 +0000 |
|---|---|---|
| committer | Chong Yidong <cyd@stupidchicken.com> | 2006-07-19 02:22:51 +0000 |
| commit | fce10019388760b528ee131e7182b2236154b692 (patch) | |
| tree | cb7a6be308a4f89f94eaf27602ca13e55a54fe8e /man/faq.texi | |
| parent | 1ef252f636b11627d4e2d528ff5e952e407cfe3d (diff) | |
| download | emacs-fce10019388760b528ee131e7182b2236154b692.tar.gz | |
* faq.texi (Security risks with Emacs): Document Emacs 22
file-local-variable mechanism.
Diffstat (limited to 'man/faq.texi')
| -rw-r--r-- | man/faq.texi | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/man/faq.texi b/man/faq.texi index 5fc21eb8575..d431dd360c0 100644 --- a/man/faq.texi +++ b/man/faq.texi @@ -3125,14 +3125,12 @@ arbitrary Emacs Lisp code evaluated when the file is visited. Obviously, there is a potential for Trojan horses to exploit this feature. -Emacs 18 allowed this feature by default; users could disable it by -setting the variable @code{inhibit-local-variables} to a non-@code{nil} value. - -As of Emacs 19, Emacs has a list of local variables that create a -security risk. If a file tries to set one of them, it asks the user to -confirm whether the variables should be set. You can also tell Emacs -whether to allow the evaluation of Emacs Lisp code found at the bottom -of files by setting the variable @code{enable-local-eval}. +As of Emacs 22, Emacs has a list of local variables that are known to +be safe to set. If a file tries to set any variable outside this +list, it asks the user to confirm whether the variables should be set. +You can also tell Emacs whether to allow the evaluation of Emacs Lisp +code found at the bottom of files by setting the variable +@code{enable-local-eval}. For more information, @inforef{File Variables, File Variables, emacs}. |