From: David Kastrup <dak@gnu.org>
To: "Juanma Barranquero" <lekktu@gmail.com>
Cc: Chong Yidong <cyd@stupidchicken.com>, emacs-devel@gnu.org
Subject: Re: Image mode
Date: Tue, 06 Feb 2007 12:10:50 +0100 [thread overview]
Message-ID: <868xfbmthh.fsf@lola.quinscape.zz> (raw)
In-Reply-To: <f7ccd24b0702060257j4f1c677dx102ae57db902021b@mail.gmail.com> (Juanma Barranquero's message of "Tue\, 6 Feb 2007 11\:57\:58 +0100")
"Juanma Barranquero" <lekktu@gmail.com> writes:
> On 2/6/07, David Kastrup <dak@gnu.org> wrote:
>
>> Well, _we_ don't know about any vulnerabilities either at the moment,
>> so it would seem that it does not make much sense to talk about
>> anything in this discussion.
>
> Very funny, but obviously we were talking about the (possibility of)
> vulnerabilities the user *doesn't* know about...
>
>> Not that it does not feel like that...
>
> More and more...
>
>> And are you telling me that all the junk mails
>> that want me to click on something have a sender I know?
>
> No. I'm saying that the virus your computer will catch won't come in a
> .jpg file hiding as a .c or .txt or whatever. It will come in a .jpg
> "hiding" as a .jpg from a source you'll consider trusted or, at the
> very least, non threatening.
But it cannot be the business of Emacs to decide about the
trustworthiness of a source. It is the job of the user. And it also
is the choice of the user whether he trusts a particular image library
for opening a particular file from a particular source. The user
can't do this job if he is mistaken about the libraries that will
likely get used.
Anyway, I say you are wrong: lots of attacks are done by having people
click on links and/or let them open file types that look like they are
something different.
My arguments revolve about letting the user do his part with regard to
security, yours revolve about the user being incapable to do it, and
letting Emacs do a job that can't be done by it.
--
David Kastrup
next prev parent reply other threads:[~2007-02-06 11:10 UTC|newest]
Thread overview: 164+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-04 22:52 Image mode Juri Linkov
2007-02-04 23:40 ` Juanma Barranquero
2007-02-05 1:25 ` Chong Yidong
2007-02-05 9:03 ` Juanma Barranquero
2007-02-05 9:16 ` Juanma Barranquero
2007-02-05 9:28 ` David Kastrup
2007-02-05 9:37 ` David Kastrup
2007-02-05 11:12 ` Juanma Barranquero
2007-02-06 0:16 ` Richard Stallman
2007-02-06 0:25 ` Juanma Barranquero
2007-02-06 1:37 ` Drew Adams
2007-02-06 7:18 ` David Kastrup
2007-02-06 11:09 ` Slawomir Nowaczyk
2007-02-06 0:15 ` Richard Stallman
2007-02-06 0:29 ` Lennart Borgman (gmail)
2007-02-06 4:56 ` Chong Yidong
2007-02-06 23:15 ` Richard Stallman
2007-02-06 23:41 ` Chong Yidong
2007-02-06 23:55 ` Slawomir Nowaczyk
2007-02-05 7:13 ` David Kastrup
2007-02-05 9:06 ` Juanma Barranquero
2007-02-07 19:21 ` Chong Yidong
2007-02-07 19:43 ` Stuart D. Herring
2007-02-07 21:08 ` Chong Yidong
2007-02-07 21:21 ` Stefan Monnier
2007-02-07 21:35 ` Stuart D. Herring
2007-02-07 23:07 ` Stefan Monnier
2007-02-08 9:33 ` Jason Rumney
2007-02-08 16:38 ` Stefan Monnier
2007-02-08 16:55 ` Stuart D. Herring
2007-02-08 18:36 ` Chong Yidong
2007-02-07 22:55 ` Kim F. Storm
2007-02-07 23:27 ` Juri Linkov
2007-02-08 9:30 ` Jason Rumney
2007-02-08 15:23 ` Chong Yidong
2007-02-05 1:40 ` Chong Yidong
2007-02-05 4:21 ` Miles Bader
2007-02-05 10:58 ` Kim F. Storm
2007-02-05 11:02 ` Lennart Borgman (gmail)
2007-02-05 11:16 ` Juanma Barranquero
2007-02-05 11:26 ` David Kastrup
2007-02-05 11:39 ` Juanma Barranquero
2007-02-05 11:48 ` David Kastrup
2007-02-05 12:00 ` Juanma Barranquero
2007-02-05 12:08 ` David Kastrup
2007-02-05 12:16 ` Juanma Barranquero
2007-02-05 19:00 ` Stefan Monnier
2007-02-06 0:16 ` Richard Stallman
2007-02-06 0:32 ` Lennart Borgman (gmail)
2007-02-06 23:14 ` Richard Stallman
2007-02-06 7:16 ` David Kastrup
2007-02-05 12:46 ` Lennart Borgman (gmail)
2007-02-05 12:57 ` Juanma Barranquero
2007-02-05 12:58 ` David Kastrup
2007-02-05 14:47 ` Mathias Dahl
2007-02-05 14:54 ` Juanma Barranquero
2007-02-05 17:08 ` Chong Yidong
2007-02-05 18:35 ` Mathias Dahl
2007-02-05 18:35 ` Jason Rumney
2007-02-05 19:06 ` Chong Yidong
2007-02-05 19:14 ` Juanma Barranquero
2007-02-05 19:26 ` Juanma Barranquero
2007-02-05 19:28 ` Chong Yidong
2007-02-05 19:51 ` Juanma Barranquero
2007-02-05 20:12 ` Stefan Monnier
2007-02-05 20:14 ` Juanma Barranquero
2007-02-05 20:13 ` Chong Yidong
2007-02-05 20:21 ` Juanma Barranquero
2007-02-05 20:33 ` Chong Yidong
2007-02-05 21:25 ` Juanma Barranquero
2007-02-05 21:30 ` Chong Yidong
2007-02-05 22:25 ` Juanma Barranquero
2007-02-05 23:50 ` Chong Yidong
2007-02-06 0:17 ` Juanma Barranquero
2007-02-06 7:06 ` David Kastrup
2007-02-06 8:30 ` Juanma Barranquero
2007-02-06 8:42 ` David Kastrup
2007-02-06 9:06 ` Juanma Barranquero
2007-02-06 9:27 ` David Kastrup
2007-02-06 9:43 ` Juanma Barranquero
2007-02-06 10:29 ` David Kastrup
2007-02-06 10:57 ` Juanma Barranquero
2007-02-06 11:10 ` David Kastrup [this message]
2007-02-06 11:42 ` Juanma Barranquero
2007-02-06 11:48 ` David Kastrup
2007-02-06 12:02 ` Juanma Barranquero
2007-02-06 23:16 ` Richard Stallman
2007-02-07 0:06 ` David Kastrup
2007-02-07 19:41 ` Richard Stallman
2007-02-07 19:41 ` Richard Stallman
2007-02-07 16:10 ` Stuart D. Herring
2007-02-09 17:24 ` Chris Moore
2007-02-09 18:14 ` Stuart D. Herring
2007-02-09 18:22 ` Chong Yidong
2007-02-12 4:55 ` Richard Stallman
2007-02-13 6:01 ` Chris Moore
2007-02-13 23:36 ` Richard Stallman
2007-02-06 23:16 ` Richard Stallman
2007-02-06 23:47 ` David Kastrup
2007-02-07 19:41 ` Richard Stallman
2007-02-06 1:46 ` Miles Bader
2007-02-06 11:53 ` Slawomir Nowaczyk
2007-02-06 15:15 ` Stefan Monnier
2007-02-06 15:46 ` Jason Rumney
2007-02-06 16:08 ` Chong Yidong
2007-02-06 16:58 ` Jason Rumney
2007-02-06 17:10 ` Chong Yidong
2007-02-06 23:51 ` Kim F. Storm
2007-02-07 0:03 ` Chong Yidong
2007-02-07 0:41 ` Kim F. Storm
2007-02-05 20:24 ` Juanma Barranquero
2007-02-05 20:36 ` Chong Yidong
2007-02-05 20:20 ` Chong Yidong
2007-02-05 20:33 ` Juanma Barranquero
2007-02-06 17:08 ` Richard Stallman
2007-02-06 17:56 ` Juanma Barranquero
2007-02-07 1:37 ` Richard Stallman
2007-02-07 1:42 ` Juanma Barranquero
2007-02-07 7:15 ` David Kastrup
2007-02-07 8:09 ` Juanma Barranquero
2007-02-07 19:41 ` Richard Stallman
2007-02-06 17:08 ` Richard Stallman
2007-02-06 23:46 ` Chris Moore
2007-02-06 23:58 ` Chong Yidong
2007-02-07 16:59 ` Chris Moore
2007-02-08 0:52 ` Richard Stallman
2007-02-09 17:17 ` Chris Moore
2007-02-10 9:51 ` Eli Zaretskii
2007-02-05 19:06 ` Juanma Barranquero
2007-02-05 21:27 ` Juri Linkov
2007-02-06 11:42 ` Slawomir Nowaczyk
2007-02-05 19:07 ` Lennart Borgman (gmail)
2007-02-06 9:19 ` Jason Rumney
2007-02-06 9:35 ` David Kastrup
2007-02-06 9:46 ` Lennart Borgman (gmail)
2007-02-06 10:21 ` Mathias Dahl
2007-02-06 16:50 ` Stefan Monnier
2007-02-05 21:28 ` Juri Linkov
2007-02-05 21:35 ` Lennart Borgman (gmail)
2007-02-05 21:38 ` Chong Yidong
2007-02-05 22:02 ` Stefan Monnier
2007-02-06 17:09 ` Richard Stallman
2007-02-05 11:15 ` Juanma Barranquero
2007-02-05 21:45 ` Kim F. Storm
2007-02-05 21:53 ` Chris Moore
2007-02-05 12:22 ` Miles Bader
[not found] ` <E1HEE0j-0004T3-Rc@fencepost.gnu.org>
2007-02-06 7:20 ` David Kastrup
2007-02-06 23:15 ` Richard Stallman
2007-02-06 10:53 ` Lars Magne Ingebrigtsen
2007-02-06 23:16 ` Richard Stallman
2007-02-06 12:26 ` Kim F. Storm
2007-02-06 12:46 ` David Kastrup
2007-02-06 16:48 ` Stefan Monnier
2007-02-05 18:56 ` Stefan Monnier
2007-02-05 19:08 ` Chong Yidong
2007-02-05 19:28 ` Stefan Monnier
2007-02-05 21:12 ` Chris Moore
2007-02-05 21:28 ` Juri Linkov
2007-02-06 11:09 ` Slawomir Nowaczyk
2007-02-05 19:10 ` Richard Stallman
2007-02-05 21:25 ` Chris Moore
2007-02-06 17:09 ` Richard Stallman
2007-02-06 22:54 ` David Kastrup
2007-02-07 1:37 ` Richard Stallman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=868xfbmthh.fsf@lola.quinscape.zz \
--to=dak@gnu.org \
--cc=cyd@stupidchicken.com \
--cc=emacs-devel@gnu.org \
--cc=lekktu@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.