From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Juanma Barranquero"
Newsgroups: gmane.emacs.devel
Subject: Re: Image mode
Date: Tue, 6 Feb 2007 12:42:04 +0100
References: <87k5yxeg19.fsf@jurta.org> <86irefojcc.fsf@lola.quinscape.zz> <86tzxzn0bx.fsf@lola.quinscape.zz> <86ps8nmy95.fsf@lola.quinscape.zz> <86d54nmve9.fsf@lola.quinscape.zz> <868xfbmthh.fsf@lola.quinscape.zz>
To: "David Kastrup"
Cc: Chong Yidong, emacs-devel@gnu.org
In-Reply-To: <868xfbmthh.fsf@lola.quinscape.zz>
List-Id: "Emacs development discussions."

On 2/6/07, David Kastrup wrote:

> But it cannot be the business of Emacs to decide about the
> trustworthiness of a source.

No.

> And it also
> is the choice of the user whether he trusts a particular image library
> for opening a particular file from a particular source. The user
> can't do this job if he is mistaken about the libraries that will
> likely get used.

Yours is a very sophisticated user. Mine is not. I don't expect him,
for example, to know that opening a TIFF could expose him to a JPEG or
ZLib vulnerability.

> Anyway, I say you are wrong: lots of attacks are done by having people
> click on links and/or let them open file types that look like they are
> something different.

And a lot of others by people trusting executables, images, etc.
downloaded from eMule, that are exactly what the user expected, sans
the surprise.

> yours revolve about the user being incapable to do it, and
> letting Emacs do a job that can't be done by it.

In fact, if anything I'm arguing against security warnings; my point
is that we cannot reliably protect the user. Believing that a match
between contents and file extension should somehow be more trusted is
false security.

/L/e/k/t/u
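
The remark above that opening a TIFF can reach JPEG or zlib code follows from the TIFF Compression tag, which selects the decoder for the pixel data. As an added illustration (not part of the original message and not Emacs code), this Python example reads that tag from every IFD and names the decoder it implies; `tiff_decoders`, `make_tiff`, the decoder labels and the sample bytes are constructed for the example.

```python
import struct

# Compression tag (259) values from TIFF 6.0 and its common extensions, mapped to
# the decoder a reader is assumed to call for the image data (labels are ours).
COMPRESSION_DECODER = {
    1: "none", 5: "LZW (built in)", 6: "JPEG library (old-style JPEG)",
    7: "JPEG library", 8: "zlib (Deflate)", 32946: "zlib (Deflate)",
    32773: "PackBits (built in)",
}

def tiff_decoders(data: bytes) -> list:
    """Return the decoder implied by the Compression tag of each IFD in `data`."""
    if len(data) < 8 or data[:2] not in (b"II", b"MM"):
        raise ValueError("not a TIFF header")
    e = "<" if data[:2] == b"II" else ">"      # byte order declared by the file
    magic, offset = struct.unpack_from(e + "HI", data, 2)
    if magic != 42:
        raise ValueError("bad TIFF magic")
    found, seen = [], set()
    while offset and offset not in seen:       # `seen` guards against IFD loops
        seen.add(offset)
        if offset + 2 > len(data):
            raise ValueError("IFD offset outside file")
        (count,) = struct.unpack_from(e + "H", data, offset)
        end = offset + 2 + 12 * count
        if end + 4 > len(data):
            raise ValueError("truncated IFD")
        compression = 1                        # spec default when the tag is absent
        for i in range(count):
            entry = offset + 2 + 12 * i
            tag, typ, n = struct.unpack_from(e + "HHI", data, entry)
            if tag == 259 and typ == 3 and n == 1:   # one SHORT, stored inline
                (compression,) = struct.unpack_from(e + "H", data, entry + 8)
        found.append(COMPRESSION_DECODER.get(compression, f"unknown ({compression})"))
        (offset,) = struct.unpack_from(e + "I", data, end)
    return found

def make_tiff(compression: int, big_endian: bool = False) -> bytes:
    """Constructed sample: header plus one IFD holding only the Compression tag."""
    e = ">" if big_endian else "<"
    header = (b"MM" if big_endian else b"II") + struct.pack(e + "HI", 42, 8)
    entry = struct.pack(e + "HHIHH", 259, 3, 1, compression, 0)
    return header + struct.pack(e + "H", 1) + entry + struct.pack(e + "I", 0)

if __name__ == "__main__":
    for value in (1, 7, 8):
        print(value, tiff_decoders(make_tiff(value)))
```

Two files with the same `.tif` extension and the same valid TIFF header can therefore exercise entirely different decoding libraries, which is why an extension/content match says little about exposure.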