Some major modes, such as SES, call functions that are stored in user files. (See (ses)Simple Emacs Spreadsheet, for more information on SES.) User files sometimes have poor pedigrees—you can get a spreadsheet from someone you’ve just met, or you can get one through email from someone you’ve never met. So it is risky to call a function whose source code is stored in a user file until you have determined that it is safe.
nil if form is a safe Lisp expression, or
returns a list that describes why it might be unsafe. The argument
unsafep-vars is a list of symbols known to have temporary
bindings at this point; it is mainly used for internal recursive
calls. The current buffer is an implicit argument, which provides a
list of buffer-local bindings.
Being quick and simple,
unsafep does a very light analysis and
rejects many Lisp expressions that are actually safe. There are no
known cases where
nil for an unsafe
expression. However, a safe Lisp expression can return a string
display property, containing an associated Lisp
expression to be executed after the string is inserted into a buffer.
This associated expression can be a virus. In order to be safe, you
must delete properties from all strings calculated by user code before
inserting them into buffers.