From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: Re: Network security manager Date: Tue, 18 Nov 2014 13:22:11 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87ppckfjxo.fsf@lifelogs.com> References: <85a93pj1n5.fsf@stephe-leake.org> <87sihg7r73.fsf@alrua-karlstad.karlstad.toke.dk> <87a93oilxl.fsf@lifelogs.com> <87oas4h555.fsf@lifelogs.com> <87a93oh180.fsf@lifelogs.com> <83h9xw9zg3.fsf@gnu.org> Reply-To: emacs-devel@gnu.org NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1416334952 19754 80.91.229.3 (18 Nov 2014 18:22:32 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Tue, 18 Nov 2014 18:22:32 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue Nov 18 19:22:25 2014 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XqnQ0-0007z0-Jj for ged-emacs-devel@m.gmane.org; Tue, 18 Nov 2014 19:22:24 +0100 Original-Received: from localhost ([::1]:54684 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XqnQ0-0003f5-2h for ged-emacs-devel@m.gmane.org; Tue, 18 Nov 2014 13:22:24 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:51441) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XqnPi-0003ez-3Q for emacs-devel@gnu.org; Tue, 18 Nov 2014 13:22:11 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XqnPc-00022Y-P4 for emacs-devel@gnu.org; Tue, 18 Nov 2014 13:22:06 -0500 Original-Received: from plane.gmane.org ([80.91.229.3]:60386) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XqnPc-00022T-IB for emacs-devel@gnu.org; Tue, 18 Nov 2014 13:22:00 -0500 Original-Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1XqnPU-0007hQ-OQ for emacs-devel@gnu.org; Tue, 18 Nov 2014 19:21:52 +0100 Original-Received: from c-98-229-61-72.hsd1.ma.comcast.net ([98.229.61.72]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 18 Nov 2014 19:21:52 +0100 Original-Received: from tzz by c-98-229-61-72.hsd1.ma.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 18 Nov 2014 19:21:52 +0100 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org Original-Lines: 36 Original-X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: c-98-229-61-72.hsd1.ma.comcast.net X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never User-Agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux) Cancel-Lock: sha1:UKjFVDg3ZwRWgWbKkT6l+rhYIjA= X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 80.91.229.3 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:177623 Archived-At: On Tue, 18 Nov 2014 18:57:15 +0100 Lars Magne Ingebrigtsen wrote: LMI> Ted Zlatanov writes: LMI> What are the security implications of inserting an image from a source LMI> we can't validate? >> >> Malicious binary payloads in images are quite common. There are also >> attacks/exploits/hacks that load Javascript from images. LMI> I really hope we don't have any exploitable bugs in the image handling LMI> code. On many platforms (NS comes to mind) image handling happens before Emacs knows about it. So this is not necessarily an Emacs issue. Here's a list of libpng (just picking one library out of many that Emacs uses) CVEs: http://www.cvedetails.com/vulnerability-list/vendor_id-7294/Libpng.html Do we care? I do, others may not. Regardless, I don't think Emacs should choose to sometimes disregard the HTTP/S channel's security checks. If it does, it would be a rather unique web browser. >> OK with me, that's a good solution for this particular case. But there >> will be others where you can't see the things that went wrong in the >> background. I suggested a modeline indicator previously... it's better >> than silent failure, right? LMI> Well... No, annoying the user with things the user doesn't care about LMI> is worse than silent failure. >"? I don't think a passive indicator e.g. in the modeline is annoying. If you make the list of failures accessible somehow, the rest can be done by add-ons, so we don't need to figure it out now. Ted