From: Eshel Yaron Date: Tue, 24 Dec 2024 17:14:12 +0000 (+0100) Subject: Trust nothing by default X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=ae5f5324ca59d1e0973a4d2e558b7f87e4238e0a;p=emacs.git Trust nothing by default --- diff --git a/lisp/files.el b/lisp/files.el index 6657588bc0f..321dec36acd 100644 --- a/lisp/files.el +++ b/lisp/files.el @@ -746,22 +746,17 @@ See also `trusted-content'." buffer-file-truename (with-demoted-errors "trusted-content-p: %S" (let ((exists (file-exists-p buffer-file-truename))) - (or - ;; We can't avoid trusting the user's init file. - (if (and exists user-init-file) - (file-equal-p buffer-file-truename user-init-file) - (equal buffer-file-truename user-init-file)) - (let ((file (abbreviate-file-name buffer-file-truename)) - (trusted nil)) - (dolist (tf trusted-content) - (when (or (if exists (file-equal-p tf file) (equal tf file)) - ;; We don't use `file-in-directory-p' here, because - ;; we want to err on the conservative side: "guilty - ;; until proven innocent". - (and (string-suffix-p "/" tf) - (string-prefix-p tf file))) - (setq trusted t))) - trusted)))))))) + (let ((file (abbreviate-file-name buffer-file-truename)) + (trusted nil)) + (dolist (tf trusted-content) + (when (or (if exists (file-equal-p tf file) (equal tf file)) + ;; We don't use `file-in-directory-p' here, because + ;; we want to err on the conservative side: "guilty + ;; until proven innocent". + (and (string-suffix-p "/" tf) + (string-prefix-p tf file))) + (setq trusted t))) + trusted))))))) ;; This is an odd variable IMO. ;; You might wonder why it is needed, when we could just do: