From: Ted Zlatanov
Newsgroups: gmane.emacs.devel
Subject: Re: security-patches package
Date: Fri, 22 Sep 2017 08:59:06 -0400
Message-ID: <878th6dh45.fsf@lifelogs.com>
To: emacs-devel@gnu.org

On Thu, 21 Sep 2017 21:01:56 +0100 phillip.lord@russet.org.uk (Phillip Lord) wrote:

PL> Ted Zlatanov writes:
>> * how do we prevent accidental or malicious commits to this package?
>> Could it maybe live in a special "GNU ELPA security updates" archive
>> separate from elpa.git?

PL> I think this is not important. It wouldn't have any special privilege;
PL> i.e. the malicious user could do the same nasty things in any package.

PL> Accidental commits could just be controlled by constraining the
PL> *release* -- that is commits would be normal, but they wouldn't go live.

The proposition is to check these packages more frequently and for the
user to trust them more than any other packages, so I think there is
some value to that. But I'm OK with just using the GNU ELPA as long as
the packages are tagged in a special way.

>> * Can we do push notifications somehow or are we limited to polling?

PL> Polling. Worse, polling at the user's request, because ELPA doesn't also
PL> update.

PL> Changing ELPA to auto-update the archive would be a good thing to do, I
PL> think.

On Thu, 21 Sep 2017 23:12:47 -0400 Stefan Monnier wrote:

SM> I'm firmly opposed to making any program initiate network connections
SM> without explicit user request.

I understand the concern. Let's say the user can turn auto checking on,
but normally it will just be a prominent menu item or button they can
click to check for an update?

Ted