* Info Catalog Prev emacs: Specifying File Variables Up emacs: File Variables

emacs: Safe File Variables

 
 51.2.4.2 Safety of File Variables
 .................................
 
 File-local variables can be dangerous; when you visit someone else’s
 file, there’s no telling what its local variables list could do to your
 Emacs.  Improper values of the ‘eval’ “variable”, and other variables
 such as ‘load-path’, could execute Lisp code you didn’t intend to run.
 
    Therefore, whenever Emacs encounters file local variable values that
 are not known to be safe, it displays the file’s entire local variables
 list, and asks you for confirmation before setting them.  You can type
 ‘y’ or <SPC> to put the local variables list into effect, or ‘n’ to
 ignore it.  When Emacs is run in batch mode (SeeInitial Options),
 it can’t really ask you, so it assumes the answer ‘n’.
 
    Emacs normally recognizes certain variable/value pairs as safe.  For
 instance, it is safe to give ‘comment-column’ or ‘fill-column’ any
 integer value.  If a file specifies only known-safe variable/value
 pairs, Emacs does not ask for confirmation before setting them.
 Otherwise, you can tell Emacs to record all the variable/value pairs in
 this file as safe, by typing ‘!’ at the confirmation prompt.  When Emacs
 encounters these variable/value pairs subsequently, in the same file or
 others, it will assume they are safe.
 
    Some variables, such as ‘load-path’, are considered particularly
 “risky”: there is seldom any reason to specify them as local variables,
 and changing them can be dangerous.  If a file contains only risky local
 variables, Emacs neither offers nor accepts ‘!’ as input at the
 confirmation prompt.  If some of the local variables in a file are
 risky, and some are only potentially unsafe, you can enter ‘!’ at the
 prompt.  It applies all the variables, but only marks the non-risky ones
 as safe for the future.  If you really want to record safe values for
 risky variables, do it directly by customizing
 ‘safe-local-variable-values’ (SeeEasy Customization).
 
    The variable ‘enable-local-variables’ allows you to change the way
 Emacs processes local variables.  Its default value is ‘t’, which
 specifies the behavior described above.  If it is ‘nil’, Emacs simply
 ignores all file local variables.  ‘:safe’ means use only the safe
 values and ignore the rest.  Any other value says to query you about
 each file that has local variables, without trying to determine whether
 the values are known to be safe.
 
    The variable ‘enable-local-eval’ controls whether Emacs processes
 ‘eval’ variables.  The three possibilities for the variable’s value are
 ‘t’, ‘nil’, and anything else, just as for ‘enable-local-variables’.
 The default is ‘maybe’, which is neither ‘t’ nor ‘nil’, so normally
 Emacs does ask for confirmation about processing ‘eval’ variables.
 
    As an exception, Emacs never asks for confirmation to evaluate any
 ‘eval’ form if that form occurs within the variable
 ‘safe-local-eval-forms’.
* Info Catalog Prev emacs: Specifying File Variables Up emacs: File Variables