From: Nick Howell
To: notmuch@notmuchmail.org
Cc: nlhowell@gmail.com
Subject: [RFC PATCH 2/7] vim: mailcap: forbid access to display server
Date: Thu, 13 Oct 2016 14:13:51 -0600
Message-Id: <1476389636-10383-3-git-send-email-nlhowell@gmail.com>
X-Mailer: git-send-email 2.7.3
In-Reply-To: <1476389636-10383-1-git-send-email-nlhowell@gmail.com>
References: <57ffd0251b0a4_6fed5783cdf@mercury.notmuch> <1476389636-10383-1-git-send-email-nlhowell@gmail.com>
List-Id: "Use and development of the notmuch mail system."

Default to prevent mailcap from accessing the display server. Potential concerns: a malicious .mailcap file + attachment could read your keystrokes, or if the .mailcap file is non-malicious, an attachment exploiting a vulnerability in your mailcap viewer. In principle we should probably try to run mailcap with super-low privileges, but I haven't explored this.

--- vim/notmuch.vim | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vim/notmuch.vim b/vim/notmuch.vim index c66c874..947fec0 100644 --- a/vim/notmuch.vim +++ b/vim/notmuch.vim 
@@ -60,7 +60,7 @@ let s:notmuch_reader_default = 'mutt -f %s' let s:notmuch_sendmail_default = 'sendmail' let s:notmuch_folders_count_threads_default = 0 let s:notmuch_compose_start_insert_default = 1 -let s:notmuch_mailcap_filter_default = "run-mailcap --action=view %s:-" +let s:notmuch_mailcap_filter_default = "DISPLAY= run-mailcap --action=view %s:-" function! s:new_file_buffer(type, fname) exec printf('edit %s', a:fname) -- 2.7.3
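Review bot: On the changed `s:notmuch_mailcap_filter_default` line, the empty `DISPLAY=` prefix is advisory rather than enforced, so it does not cover the "malicious .mailcap" case named in the commit message. A mailcap entry is itself a shell command and can set DISPLAY again, and the X socket and the user's X authority data are still reachable by the child process. What the prefix does achieve is that a well-behaved viewer, and mailcap entries guarded by `test=test -n "$DISPLAY"`, fall back to non-graphical handling. Please say so in the commit message, and add a comment above this line explaining why DISPLAY is cleared, since users whose attachments previously opened in a graphical viewer will see a silent behaviour change. If the aim is defence in depth, consider clearing `XAUTHORITY` and `WAYLAND_DISPLAY` in the same prefix. The `VAR= command` form also assumes the filter string is run through a POSIX shell; it is worth confirming that this holds for how the plugin invokes the filter.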