Skip to content

eshelyaron/trust-manager

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
test
test
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
trust-manager.el
trust-manager.el
 
 

Repository files navigation

trust-manager.el

This Emacs package streamlines per-project trust management.

Install it however you install packages, enable trust-manager-mode, and you're good to go!

The commentary section at the top of trust-manager.el details useful tips and customization options that you may want to check out.

Highlights

  • Pre-trusts your config files and load-path (Emacs and installed package sources)
  • Asks whether to trust each new project on first visit, remembering your answer
  • Untrusts a project automatically when you project-forget-project it
  • Shows a mode line indicator (?) in untrusted buffers; click to trust
  • Dired integration: C-c C-t / C-c C-u to trust/untrust marked files/dirs

What trust does this package manage?

Emacs 30 introduced a notion of trusted and untrusted buffers following my report of an arbitrary code execution vulnerability known as CVE-2024-53920. A buffer is trusted if the function trusted-content-p returns non-nil ("true") in that buffer, otherwise it is untrusted. Some features, which would be dangerous in untrusted buffers, are only enabled in trusted buffers.

Why do I need a trust manager?

By default, all Emacs buffers are untrusted, and you need to configure which buffers to trust via the user option trusted-content. That's a safe default, but it's not the most convenient. Hence this package.

trust-manager sets up sane and safe defaults, where common files that you already trust are marked as trusted so you get all the features when you visit them. This includes your init file and all of the ELisp source files that come with Emacs and packages you install.

In addition, whenever you visit a file in a new project for the first time, trust-manager-mode asks you whether or not you trust the project, so you don't need to worry about configuring which projects you trust ahead of time.

These conveniences let you benefit from all the features you want without compromising on safety. No need to open up overly broad trust just to get things working.

trust-manager-mode also adds an indicator to the mode line in untrusted buffers, which reminds you that some features may have been disabled, and that the buffer contents might be risky. You can click on the indicator (by default, a red ?) to mark the buffer as trusted.

About

Convenient trust management for Emacs

Resources

Readme

License

GPL-3.0 license
Activity

Stars

18 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

5 tags

Packages

 
 
 

Contributors

Languages