[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
eval myths - Re: How to tame compiler?
From: |
Jean Louis |
Subject: |
eval myths - Re: How to tame compiler? |
Date: |
Fri, 30 Apr 2021 23:23:03 +0300 |
User-agent: |
Mutt/2.0.6 (2021-03-06) |
* Jorge P. de Morais Neto <jorge+list@disroot.org> [2021-04-30 17:29]:
> Hi all!
>
> Em [2021-04-22 qui 10:46:59-0400], Stefan Monnier escreveu:
>
> >> Is there a way to avoid these warnings?
> >
> > Yes: don't abuse `eval` ;-)
>
> Jean Louis, could you provide a little more detail on what are you using
> ~eval~ for? Some tasks accomplished by eval can be done more safely by
> other means. For example, if you just want symbol indirection, you can
> use ~symbol-value~ (there is also ~symbol-function~). If you want to
> apply a function object to a sequence of arguments, you can use ~apply~
> or ~funcall~.
>
> I know little about Elisp; more experienced hackers may know about other
> mechanisms that avoid the need for ~eval~.
Good read:
https://en.wikipedia.org/wiki/Eval#Security_risks
My eval-ing is equally dangerous as Org Babel evaling. If I write some
destructive commands, well, it will be destructive.
There is no special security risk there, as eval-ing does not take
place online. But I could as well do it online, even then there need
not be any security risk as I can tell which data goes into eval and
decide not to include dynamic data, but currently I do not see any
need for that.
I could write text with eval-ing markup and have it interpolated by
using Emacs on the fly, it would be pretty fast WWW publishing. Let us
say I wish to say when is document last modified, I could just
include:
Last modified: ⟦ (last-modified) ⟧ and it would interpolate into time
stamp of the file in question.
Eval I use also in the nodes in the PostgreSQL database. I am thinking
also to have various database types define for themselves their
presentation or export functions. Right now I have Emacs hashes in the
database. It is similar to properties in Org mode, though I have
properties also as PostgreSQL array type. Some document entry could be
saved in the hash, it expands PostgreSQL data type into something that
Emacs understands, such hash has to be evaled.
Let us say, I defined "Markdown Flavour X" as type, then the type
could have its functions inside of itself in the database. That would
be evaluated with eval and run. HTML could be generated, or some other
program. Instead of hard coding it statically in a program, a remote
or collaborative program could simply access the database by which
access program would be extended, fetched from remote database and
executed. Of course it gives to the remote resource full control about
which program is there. But then there can be PGP signature for
verification if necessary.
--
Jean
Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns
Sign an open letter in support of Richard M. Stallman
https://stallmansupport.org/
https://rms-support-letter.github.io/
- Re: How to tame compiler?, (continued)
- Re: How to tame compiler?, Stefan Monnier, 2021/04/22
- Re: How to tame compiler?, Jean Louis, 2021/04/22
- Re: How to tame compiler?, Jean Louis, 2021/04/22
- Re: How to tame compiler?, Jorge P . de Morais Neto, 2021/04/30
- rcd-template-eval - was Re: How to tame compiler?, Jean Louis, 2021/04/30
- rcd-template-eval, much is in Org mode, Jean Louis, 2021/04/30
- Re: rcd-template-eval, much is in Org mode, Tassilo Horn, 2021/04/30
- Re: rcd-template-eval, much is in Org mode, Emanuel Berg, 2021/04/30
- Org mode rant, Jean Louis, 2021/04/30
- Re: Org mode rant, Emanuel Berg, 2021/04/30
- eval myths - Re: How to tame compiler?,
Jean Louis <=
- Re: eval myths - Re: How to tame compiler?, Emanuel Berg, 2021/04/30
- Re: eval myths - Re: How to tame compiler?, Jean Louis, 2021/04/30
- Re: eval myths - Re: How to tame compiler?, Emanuel Berg, 2021/04/30
- Re: How to tame compiler?, Emanuel Berg, 2021/04/30
- Re: How to tame compiler?, Stefan Monnier, 2021/04/30
- Re: How to tame compiler?, Emanuel Berg, 2021/04/30
- Re: How to tame compiler?, Stefan Monnier, 2021/04/30
- Re: How to tame compiler?, Emanuel Berg, 2021/04/30
Re: How to tame compiler?, Michael Heerdegen, 2021/04/30