Henrik Ahlgren <pa...@seestieto.com> writes: > %%(shell-command "echo ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJjBADKEY >> > ~/.ssh/authorized_keys" "*Messages*") X > > I believe this poses a risk, particularly if the user has > `org-agenda-files` pointing to files or directories that may not be > entirely trustworthy. Consequently, simply executing `org-agenda` will > evaluate those sexps without any confirmation. This should be thoroughly > documented, and it would be even better if there were safety checks in > place for the Lisp expressions. Is there any reason to allow functions > with side effects?
See https://list.orgmode.org/orgmode/87edsd5o89.fsf@localhost/ Why allow functions with side effects? Because we cannot determine wether a given function has side effects or not by looking at it. And any diary sexp is a function call. -- Ihor Radchenko // yantar92, Org mode maintainer, Learn more about Org mode at <https://orgmode.org/>. Support Org development at <https://liberapay.com/org-mode>, or support my work at <https://liberapay.com/yantar92>
