A bit more security doc, esp. file local vars

* doc/emacs/emacs.texi (Top):
* doc/emacs/misc.texi (Miscellaneous Commands):
Refer to new Host Security section.
(Host Security): New section.
* doc/lispref/os.texi (Security Considerations):
Mention file local variables.

diff --git a/doc/emacs/emacs.texi b/doc/emacs/emacs.texi
index 2877be9c6b7f41b0941ccf2670591aa0816cb94d..d87e8077d330594b89f59d70da0b3586e6ee3e02 100644 (file)
--- a/doc/emacs/emacs.texi
+++ b/doc/emacs/emacs.texi
@@ -188,6 +188,7 @@ Advanced Features
 * Sending Mail::        Sending mail in Emacs.
 * Rmail::               Reading mail in Emacs.
 * Gnus::                A flexible mail and news reader.
+* Host Security::       Security issues on a single computer.
 * Network Security::    Managing the network security.
 * Document View::       Viewing PDF, PS and DVI files.
 * EWW::                 A web browser in Emacs.

diff --git a/doc/emacs/misc.texi b/doc/emacs/misc.texi
index 7fad8268d06d0ad36dd79729b0f18f4da894e975..03e6613770df740a463c36ee2f69bd775fc6be06 100644 (file)
--- a/doc/emacs/misc.texi
+++ b/doc/emacs/misc.texi
@@ -6,7 +6,8 @@
 @chapter Miscellaneous Commands
 
   This chapter contains several brief topics that do not fit anywhere
-else: reading Usenet news, viewing PDFs and other such documents, web
+else: reading Usenet news, host and network security,
+viewing PDFs and other such documents, web
 browsing, running shell commands and shell subprocesses, using a
 single shared Emacs for utilities that expect to run an editor as a
 subprocess, printing, sorting text, editing binary files, saving an
@@ -249,6 +250,25 @@ Search forward for articles containing a match for @var{regexp}.
 Exit the summary buffer and return to the group buffer.
 @end table
 
+@node Host Security
+@section Host Security
+@cindex security
+
+Emacs runs inside an operating system such as GNU/Linux, and relies on
+the operating system to check security constraints such as accesses to
+files.  The default settings for Emacs are designed for typical use;
+they may require some tailoring in environments where security is more
+of a concern, or less of a concern, than usual.  For example,
+file-local variables can be risky, and you can set the variable
+@code{enable-local-variables} to @code{:safe} or (even more
+conservatively) to @code{nil}; conversely, if your files can all be
+trusted and the default checking for these variables is irritating,
+you can set @code{enable-local-variables} to @code{:all}.  @xref{Safe
+File Variables}.
+
+@xref{Security Considerations,,, elisp, The Emacs Lisp Reference
+Manual}, for more information about security considerations when using
+Emacs as part of a larger application.
 
 @node Network Security
 @section Network Security

diff --git a/doc/lispref/os.texi b/doc/lispref/os.texi
index f3c4e29cca26f5a5b08a90505cfb04064566beae..1e344c02413b3a8c168429fd4469cb5a7c86a406 100644 (file)
--- a/doc/lispref/os.texi
+++ b/doc/lispref/os.texi
@@ -2919,6 +2919,18 @@ means complete; it is intended to give you an idea of the security
 issues involved, rather than to be a security checklist.
 
 @table @asis
+@item File local variables
+@cindex file local variables
+A file that Emacs visits can contain variable settings that affects
+the buffer visiting that file; @xref{File Local Variables}.
+Similarly, a directory can specify local variable values common to all
+files in that directory; @xref{Directory Local Variables}.  Although
+Emacs takes some effort to protect against misuse of these variables,
+a security hole can be created merely by a package setting
+@code{safe-local-variable} too optimistically, a problem that is all
+too common.  To disable this feature for both files and directories,
+set @code{enable-local-variables} to nil.
+
 @item Access control
 Although Emacs normally respects access permissions of the underlying
 operating system, in some cases it handles accesses specially.  For