From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Robert Pluim Newsgroups: gmane.emacs.devel Subject: Re: The netsec thread Date: Fri, 23 Aug 2019 14:39:05 +0200 Message-ID: References: <86pnzdrn8u.fsf@gmail.com> <834l36koak.fsf@gnu.org> <87pnlg7r83.fsf@mouse.gnus.org> <87o90gd1us.fsf@mouse.gnus.org> <838srkb64w.fsf@gnu.org> <83wof4jcrd.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="261001"; mail-complaints-to="usenet@blaine.gmane.org" Cc: larsi@gnus.org, emacs-devel@gnu.org To: Eli Zaretskii Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Aug 23 14:40:47 2019 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1i18s3-0015nE-75 for ged-emacs-devel@m.gmane.org; Fri, 23 Aug 2019 14:40:47 +0200 Original-Received: from localhost ([::1]:55504 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i18s1-0000c8-Ms for ged-emacs-devel@m.gmane.org; Fri, 23 Aug 2019 08:40:45 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:60775) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i18qd-0000SH-Te for emacs-devel@gnu.org; Fri, 23 Aug 2019 08:39:21 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1i18qW-0006aM-6K for emacs-devel@gnu.org; Fri, 23 Aug 2019 08:39:17 -0400 Original-Received: from mail-wr1-x42c.google.com ([2a00:1450:4864:20::42c]:42095) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1i18qV-0006UA-KL; Fri, 23 Aug 2019 08:39:11 -0400 Original-Received: by mail-wr1-x42c.google.com with SMTP id b16so8484819wrq.9; Fri, 23 Aug 2019 05:39:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:mail-copies-to:gmane-reply-to-list :date:in-reply-to:message-id:mime-version:content-transfer-encoding; bh=rgLdWeW0Km5ylkVQwA1YTzYSXncpK2Cemy2lMW9NsDA=; b=ZD9aA5giT3YIHqyd55d9+oAD9/2LolZGrkkWZ/O5J1L6igv8Qx66P45WiEL9cWOFZg fPVr8/TZ2DPANbE1pQq3kd4SgGwuL+9E7vUC5RsXJ7XAVW6N9UCcQpdUybefveh+d+VL Kn6Owbgx6QXwe1VrrVMvsHBOdIM0p7BGzoKrsFbPqghNP7PPsb5TzlOhr4DiH+0QBc3z OdkF3f/nmzly0A+nPP9aZyNd0MYkCRcL3+8kE5KMGGUwonfZCmgAIaNuamJKhDnoVPsR 0T0BkcvyMbTNskKIVxd13D+bgpWvHcwfp9sKhB+B/WyxHUQJ5jeA7zkGWhz5Bp3biPVn Q6kw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:mime-version :content-transfer-encoding; bh=rgLdWeW0Km5ylkVQwA1YTzYSXncpK2Cemy2lMW9NsDA=; b=uhousnBpghncluUvwLoCIXivlAJOV35fhVcgZkBsjXJX6RNSuY1MOJlfJBVg4Iyxf5 31k733HIqxxesSvmOb8Ps8HVQsgdos8FkeczeQ7RHuuh1jhs+73Lc5laU9J4LSQ06fDL uhAk1Jsa2olXqcNHj8h7Ij08CEMl7xQ0pQBzbEpxcYB5Pmt97dhb9rS/5pyXBAZ7rjGS aaexd3HNzild+kT19ckE2eaNu0mJEou/Ez2eKfF8L8fgCFTcyGVq6ZjrHn49jDjMaJ+6 nWE2bD/FxH1KoFM0arJ9iE1FQ3O1gfx57lWFUXqDTCUQ8kI7/WGg7eiUvTbpxhK5I5Dx Jkfw== X-Gm-Message-State: APjAAAWYRR/vARVOn/WG+Y5HVYD04aFYQR4avvYhtaqHY/zbTu/b/v5Z VbSmH2TYGqJJwWcGNkB98p5G1hcy X-Google-Smtp-Source: APXvYqyYofTGYcCxoanUS2QxWZ0hENLJ/OVHbMnUMj+t2DyAuylNAQUZvsJAALoftPhjx5pf0d1PRQ== X-Received: by 2002:adf:cd11:: with SMTP id w17mr1134683wrm.297.1566563949561; Fri, 23 Aug 2019 05:39:09 -0700 (PDT) Original-Received: from rpluim-mac ([149.5.228.1]) by smtp.gmail.com with ESMTPSA id f10sm3093066wrm.31.2019.08.23.05.39.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 23 Aug 2019 05:39:06 -0700 (PDT) Mail-Copies-To: never Gmane-Reply-To-List: yes In-Reply-To: <83wof4jcrd.fsf@gnu.org> (Eli Zaretskii's message of "Fri, 23 Aug 2019 15:18:46 +0300") X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::42c X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:239516 Archived-At: (I removed 'mouse' from Lars' email address) >>>>> On Fri, 23 Aug 2019 15:18:46 +0300, Eli Zaretskii said: >> From: Robert Pluim >> Cc: Lars Ingebrigtsen , emacs-devel@gnu.org >> Date: Fri, 23 Aug 2019 11:40:44 +0200 >>=20 Eli> If there are any specific changes in behavior due to this Eli> "tightening", we should consider them for NEWS. >>=20 >> I think those were noted in the changes to NEWS brought in from the >> branch. I *could* add something like this as well, although I really >> am not in favour of advertising the feature too much, hence the >> shouting: >>=20 >> +++ >> ** New user option 'nsm-trust-local-network'. >> Allows skipping Network Security Manager checks for hosts on your >> local subnet(s). DEFAULTS TO NIL. There is a good reason for that, >> ensure you know what you are doing before you change it. Eli> I don't believe in "security by obscurity", so I think this should= be Eli> in NEWS. Especially since it's in the manual. I said 'not advertise too much', not 'no documentation' (and it=CA=BCs not in the manual). Eli> I would suggest a Eli> slight rephrase, though: Eli> +++ Eli> ** New user option 'nsm-trust-local-network'. Eli> Allows skipping Network Security Manager checks for hosts on your Eli> local subnet(s). It defaults to nil. Usually, there should be = no Eli> need to set this non-nil, and doing that risks opening your local Eli> network connections to attacks. So be sure you know what you are Eli> doing before changing the value. Sure. I=CA=BCll give it a few days for people to wordsmith it some more. Robert