| ▲ | VyseofArcadia 3 days ago |
| This feels like a social problem instead of a technical one. Macros and macro expansion are a core language feature. Code analysis tools have to do macro expansion. You can't handicap core language features and tools in the name of safety. If you are doing something potentially dangerous, you just have to take precautions. Real world analogy: construction sites are dangerous, but you can't outlaw the bulldozer. It is a necessary piece of equipment. The best you can do is take precautions. Hard hats, high visibility clothing, audible warnings, etc. |
|
| ▲ | zitterbewegung 3 days ago | parent | next [-] |
| Largely this problem which is core to Emacs in the sense it literally is "An Elegant Weapon For A More Civilized Time" due to its age. There is no concept of sandboxing anything in Emacs. You do get an alert sometimes when you change Theme's since they have a notion of totally executable code. Maybe a better solution would be to make a subset of elisp that artifacts be coded in which are sandboxed. |
| |
| ▲ | d0mine 2 days ago | parent | next [-] | | No sandboxing is not a bug, it is the feature that makes emacs into elisp platform, and not just another editor that has defined API for extensions. | |
| ▲ | taeric 3 days ago | parent | prev [-] | | This problem is specific to elisp evaluation. It is rare that you would want to work in elisp code and not be modifying your currently running emacs. If you are working on code for any other language, it is probably using an LSP or other form of child processes, right? | | |
| ▲ | taeric a day ago | parent | next [-] | | (Adding as a very late edit on the above. I didn't mean that this problem cannot exist in other settings, which I can see is what folks probably read me as meaning. I just meant the problem in this overall story is specific to elisp because it is core to emacs.) | |
| ▲ | VyseofArcadia 2 days ago | parent | prev [-] | | Well I wouldn't say any other language. Common Lisp for example you have a currently running lisp instance that you are modifying. You can pretty easily set up Emacs to work that way for any language with a REPL. | | |
| ▲ | taeric 2 days ago | parent [-] | | Fair, though with the CL/Python/Whatever you would have to have a session started before visiting the file. I suppose with the newer eglot and friends, it could reach out using LSP as soon as you enter a project directory? At that point, I'd assume similar attacks exist in those contexts, too? Maybe protected by some sandboxing in the LSP side? |
|
|
|
|
| ▲ | lexicality 3 days ago | parent | prev | next [-] |
| Bulldozers also come with keys that stop random people walking up and turning them on though |
| |
| ▲ | ablob 3 days ago | parent [-] | | And a big enough plane does not stop random people from walking up and turning them on. I don't think this analogy fits here. |
|
|
| ▲ | 3 days ago | parent | prev [-] |
| [deleted] |