summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--doc/emacs/ChangeLog5
-rw-r--r--doc/emacs/custom.texi2
-rw-r--r--lisp/custom.el4
3 files changed, 8 insertions, 3 deletions
diff --git a/doc/emacs/ChangeLog b/doc/emacs/ChangeLog
index cd0d30615a2..ad49224e0d3 100644
--- a/doc/emacs/ChangeLog
+++ b/doc/emacs/ChangeLog
@@ -1,3 +1,8 @@
+2012-01-09 Chong Yidong <cyd@gnu.org>
+
+ * custom.texi (Custom Themes): Switched custom-safe-themes to use
+ SHA-256.
+
2012-01-07 Chong Yidong <cyd@gnu.org>
* display.texi (Useless Whitespace): Add Whitespace mode.
diff --git a/doc/emacs/custom.texi b/doc/emacs/custom.texi
index 1d75be4dd8c..82a63996a64 100644
--- a/doc/emacs/custom.texi
+++ b/doc/emacs/custom.texi
@@ -598,7 +598,7 @@ the theme file and asks if you really want to load it. Because
loading a Custom theme can execute arbitrary Lisp code, you should
only say yes if you know that the theme is safe; in that case, Emacs
offers to remember in the future that the theme is safe (this is done
-by saving the theme file's SHA1 hash to the variable
+by saving the theme file's SHA-256 hash to the variable
@code{custom-safe-themes}; if you want to treat all themes as safe,
change its value to @code{t}). Themes that come with Emacs (in the
@file{etc/themes} directory) are exempt from this check, and are
diff --git a/lisp/custom.el b/lisp/custom.el
index d3752789e28..2ccfe094933 100644
--- a/lisp/custom.el
+++ b/lisp/custom.el
@@ -1105,7 +1105,7 @@ property `theme-feature' (which is usually a symbol created by
(defcustom custom-safe-themes '(default)
"Themes that are considered safe to load.
-If the value is a list, each element should be either the `sha1'
+If the value is a list, each element should be either the SHA-256
hash of a safe theme file, or the symbol `default', which stands
for any theme in the built-in Emacs theme directory (a directory
named \"themes\" in `data-directory').
@@ -1161,7 +1161,7 @@ Return t if THEME was successfully loaded, nil otherwise."
(error "Unable to find theme file for `%s'" theme))
(with-temp-buffer
(insert-file-contents fn)
- (setq hash (sha1 (current-buffer)))
+ (setq hash (secure-hash 'sha256 (current-buffer)))
;; Check file safety with `custom-safe-themes', prompting the
;; user if necessary.
(when (or no-confirm
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-17 16:15:54 +0000