From: Glenn Morris
To: submit@debbugs.gnu.org
Subject: efaq: security risks
Date: Tue, 20 Sep 2016 18:48:06 -0400
Message-ID: <7ca8f2ur15.fsf@fencepost.gnu.org>
Package: emacs
Severity: minor
Tags: security
Version: 25.1

The (very crufty) Emacs FAQ contains a section:

"Are there any security risks in Emacs?"

The stuff about movemail and synthetic X events is archaic.

There is no mention of the more current problems:

1) installing a package runs arbitrary code
Better make sure you trust whoever gave you that package (gpg signing)
and how you got it (https), etc.

2) using an Emacs mail client to view HTML mail is a security risk if remote
content is fetched (I think it isn't by default, but this might not
apply to every client)

3) viewing remote HTML content (eg with eww or xwidgets) is likewise a
potential security risk.


From: Lars Ingebrigtsen
To: Glenn Morris
Subject: Re: bug#24489: efaq: security risks
References: <7ca8f2ur15.fsf@fencepost.gnu.org>
Date: Wed, 21 Sep 2016 00:53:13 +0200
In-Reply-To: <7ca8f2ur15.fsf@fencepost.gnu.org> (Glenn Morris's message of "Tue, 20 Sep 2016 18:48:06 -0400")
Cc: 24489@debbugs.gnu.org

Glenn Morris writes:

> 2) using an Emacs mail client to view HTML mail is a security risk if remote
> content is fetched (I think it isn't by default, but this might not
> apply to every client)
>
> 3) viewing remote HTML content (eg with eww or xwidgets) is likewise a
> potential security risk.

Do you mean privacy risk?

-- 
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no


From: Richard Stallman
To: Glenn Morris
Subject: Re: bug#24489: efaq: security risks
Date: Wed, 21 Sep 2016 17:26:20 -0400
In-Reply-To: <7ca8f2ur15.fsf@fencepost.gnu.org> (message from Glenn Morris on Tue, 20 Sep 2016 18:48:06 -0400)
Cc: 24489@debbugs.gnu.org
Reply-To: rms@gnu.org
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

> 2) using an Emacs mail client to view HTML mail is a security risk if remote
> content is fetched (I think it isn't by default, but this might not
> apply to every client)

Could you explain why you think it is a security risk?

-- 
Dr Richard Stallman
President, Free Software Foundation (gnu.org, fsf.org)
Internet Hall-of-Famer (internethalloffame.org)
Skype: No way! See stallman.org/skype.html.


From: Ted Zlatanov
To: Richard Stallman
Subject: Re: bug#24489: efaq: security risks
References: <7ca8f2ur15.fsf@fencepost.gnu.org>
Date: Thu, 22 Sep 2016 06:56:25 -0400
In-Reply-To: (Richard Stallman's message of "Wed, 21 Sep 2016 17:26:20 -0400, Wed, 21 Sep 2016 00:53:13 +0200")
Message-ID: <87y42kciee.fsf_-_@lifelogs.com>
Cc: Glenn Morris, Lars Ingebrigtsen, 24489@debbugs.gnu.org
On Wed, 21 Sep 2016 17:26:20 -0400 Richard Stallman wrote:

>> 2) using an Emacs mail client to view HTML mail is a security risk if remote
>> content is fetched (I think it isn't by default, but this might not
>> apply to every client)

RS> Could you explain why you think it is a security risk?

On Wed, 21 Sep 2016 00:53:13 +0200 Lars Ingebrigtsen wrote:

LI> Glenn Morris writes:

>> 2) using an Emacs mail client to view HTML mail is a security risk if remote
>> content is fetched (I think it isn't by default, but this might not
>> apply to every client)
>>
>> 3) viewing remote HTML content (eg with eww or xwidgets) is likewise a
>> potential security risk.

LI> Do you mean privacy risk?

Images and other resources can carry constructed data and be used as an
execution backdoor through browser or library bugs. The following don't
necessarily apply to Emacs; they are just examples of the variety and
severity of these attacks, which have risen in popularity as direct code
injection has become harder:

http://arstechnica.com/security/2016/05/easily-exploited-bug-exposes-huge-number-of-sites-to-code-execution-attacks/

http://www.pcworld.com/article/2950578/security/microsoft-rushes-out-emergency-security-update-to-fix-critical-windows-flaw.html

http://fortune.com/2016/07/20/apple-security-bug-password-steal-text/

That being said, privacy risks can also become security risks and I
think the FAQ could be extended to include both.
Ted


From: Richard Stallman
To: Ted Zlatanov
Subject: Re: bug#24489: efaq: security risks
Date: Fri, 23 Sep 2016 16:38:56 -0400
In-Reply-To: <87y42kciee.fsf_-_@lifelogs.com> (message from Ted Zlatanov on Thu, 22 Sep 2016 06:56:25 -0400)
Cc: rgm@gnu.org, larsi@gnus.org, 24489@debbugs.gnu.org
Reply-To: rms@gnu.org

[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

> Images and other resources can carry constructed data and be used as an
> execution backdoor through browser or library bugs. The following don't
> necessarily apply to Emacs, they are just examples of the variety and
> severity of these attacks, which have risen in popularity as direct code
> injection has become harder:

It is no use telling people, "Be afraid of browsing."
If we can't give any advice more specific than that, it would
be a useless annoyance.

-- 
Dr Richard Stallman
President, Free Software Foundation (gnu.org, fsf.org)
Internet Hall-of-Famer (internethalloffame.org)
Skype: No way! See stallman.org/skype.html.


From: Ted Zlatanov
To: Richard Stallman
Subject: Re: bug#24489: efaq: security risks
Date: Fri, 23 Sep 2016 22:45:59 -0400
In-Reply-To: (Richard Stallman's message of "Fri, 23 Sep 2016 16:38:56 -0400")
Message-ID: <87intmypzs.fsf@lifelogs.com>
Cc: larsi@gnus.org, 24489@debbugs.gnu.org

On Fri, 23 Sep 2016 16:38:56 -0400 Richard Stallman wrote:

RS> [[[ To any NSA and FBI agents reading my email: please consider ]]]
RS> [[[ whether defending the US Constitution against all enemies, ]]]
RS> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]

>> Images and other resources can carry constructed data and be used as an
>> execution backdoor through browser or library bugs. The following don't
>> necessarily apply to Emacs, they are just examples of the variety and
>> severity of these attacks, which have risen in popularity as direct code
>> injection has become harder:

RS> It is no use telling people, "Be afraid of browsing."
The original suggestion by Glenn was to say that remote HTML content is
a potential security risk. That's a statement of fact and I gave
supporting evidence. Those risks apply to Emacs users, but I don't think
anyone proposed "be afraid" to be the message we should give.

RS> If we can't give any advice more specific than that, it would
RS> be a useless annoyance.

Certainly. The FAQ can link to external resources, for instance. I think
in the FAQ we should at least list the libraries that Emacs uses to
render remote content (SVG, XML, PNG, etc.) so the user is aware of those
dependencies and will keep them up to date. But the method for that
depends on the platform, so... do we explain in the FAQ? Does Emacs
itself warn when libraries are out of date? I don't know.

Ted


From: Richard Stallman
To: Ted Zlatanov
Subject: Re: bug#24489: efaq: security risks
Date: Sun, 25 Sep 2016 13:15:16 -0400
In-Reply-To: <87intmypzs.fsf@lifelogs.com> (message from Ted Zlatanov on Fri, 23 Sep 2016 22:45:59 -0400)
Cc: larsi@gnus.org, 24489@debbugs.gnu.org
Reply-To: rms@gnu.org

[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

> RS> It is no use telling people, "Be afraid of browsing."

> The original suggestion by Glenn was to say that remote HTML content is
> a potential security risk.

Is there a significant difference? I don't see it.
"Browsing" means "looking at remote HTML from web sites".

(Please don't refer to publications or works as "content".
See http://gnu.org/philosophy/words-to-avoid.html.)

> Certainly. The FAQ can link to external resources, for instance. I think
> in the FAQ we should at least list the libraries that Emacs uses to
> render remote content (SVG, XML, PNG, etc.) so the user is aware of those
> dependencies and will keep them up to date.

This will require updating, and I don't see that it will benefit anyone.
Thus, I think it is better if we don't put this in.
-- 
Dr Richard Stallman
President, Free Software Foundation (gnu.org, fsf.org)
Internet Hall-of-Famer (internethalloffame.org)
Skype: No way! See stallman.org/skype.html.


From: Stefan Kangas
To: Glenn Morris
Cc: 24489@debbugs.gnu.org
Subject: Re: bug#24489: efaq: security risks
Date: Tue, 11 Aug 2020 18:38:12 -0700
References: <7ca8f2ur15.fsf@fencepost.gnu.org>

Glenn Morris writes:

> The (very crufty) Emacs FAQ contains a section:
>
> "Are there any security risks in Emacs?"
>
> The stuff about movemail and synthetic X events is archaic.

The movemail stuff was removed in 61223a046c (Bug#37818).

What do you think we should do about synthetic X events?

> There is no mention of the more current problems:
>
> 1) installing a package runs arbitrary code
> Better make sure you trust whoever gave you that package (gpg signing)
> and how you got it (https), etc.

This was added in the same commit 61223a046c.

> 2) using an Emacs mail client to view HTML mail is a security risk if remote
> content is fetched (I think it isn't by default, but this might not
> apply to every client)

Is it important to warn about this privacy issue here?

I would expect that any sensible Emacs MUA would disable remote fetching
by default, and document the issues with enabling it.

> 3) viewing remote HTML content (eg with eww or xwidgets) is likewise a
> potential security risk.

True, but isn't this a bit too general to be useful in the context of
the FAQ?
Best regards,
Stefan Kangas


From: Lars Ingebrigtsen
To: Stefan Kangas
Subject: Re: bug#24489: efaq: security risks
Date: Sat, 29 Jan 2022 17:51:05 +0100
In-Reply-To: (Stefan Kangas's message of "Tue, 11 Aug 2020 18:38:12 -0700")
Message-ID: <878ruy8ozq.fsf@gnus.org>
Cc: Glenn Morris, 24489@debbugs.gnu.org

Stefan Kangas writes:

>> 3) viewing remote HTML content (eg with eww or xwidgets) is likewise a
>> potential security risk.

I've now added a couple of sentences about this.

And I've removed the bit about X -- I doubt it's been relevant the last
few decades (as all X installations come locked down).

-- 
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no


From: Lars Ingebrigtsen
To: control@debbugs.gnu.org
Subject: control message for bug #24489
Date: Sat, 29 Jan 2022 17:51:12 +0100
Message-Id: <877dai8ozj.fsf@gnus.org>
close 24489 29.1
quit


From: Debbugs Internal Request
To: internal_control@debbugs.gnu.org
Subject: Internal Control
Date: Sun, 27 Feb 2022 12:24:06 +0000

bug archived.
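As an added example (not code from this thread, from Emacs or from the Emacs FAQ) of the default Stefan describes, a mail client that does not fetch remote resources on its own: a Python pass over an HTML mail body that replaces every reference a renderer would fetch automatically, including CSS url() values, srcset candidates and relative URLs made remote by a <base> element, with a placeholder and reports what it blocked. The tag/attribute table, the placeholder and the sample mail are constructed for this example.

```python
"""Block remote resources in an HTML mail before rendering (added example, not
Emacs code): references a renderer would fetch on its own are replaced with a
placeholder and reported, so the reader can opt in to loading them."""
import html
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes a renderer fetches on its own (constructed table). <a href> is
# deliberately absent: a link is only followed when the user clicks it.
FETCH_ATTRS = {"img": ("src", "srcset"), "source": ("src", "srcset"), "link": ("href",),
               "iframe": ("src",), "object": ("data",), "embed": ("src",),
               "body": ("background",), "table": ("background",), "td": ("background",)}
CSS_URL = re.compile(r"""url\(\s*['"]?([^'")]+)['"]?\s*\)""", re.IGNORECASE)
PLACEHOLDER = "about:blank"


def is_remote(url):
    """True if fetching url leaves the machine; data: and cid: parts stay local."""
    url = url.strip()
    return url.startswith("//") or urlsplit(url).scheme.lower() in ("http", "https", "ftp")


class RemoteResourceBlocker(HTMLParser):
    """Re-emits the HTML with every auto-fetched remote reference replaced."""
    def __init__(self):
        super().__init__()
        self.out, self.blocked, self.base, self._in_style = [], [], None, False

    def _would_fetch(self, url):
        # A relative URL only becomes fetchable once a remote <base> supplies an origin.
        return is_remote(url) or (self.base is not None and not urlsplit(url).scheme)

    def _clean_url(self, url):
        if self._would_fetch(url):
            self.blocked.append(url.strip())
            return PLACEHOLDER
        return url

    def _clean_srcset(self, value):
        out = []
        for cand in value.split(","):  # comma-separated "url descriptor" pairs
            url, _, desc = cand.strip().partition(" ")
            if url:
                out.append((self._clean_url(url) + " " + desc).strip())
        return ", ".join(out)

    def _clean_style(self, css):
        return CSS_URL.sub(lambda m: "url(%s)" % self._clean_url(m.group(1)), css)

    def _clean_attrs(self, tag, attrs):
        cleaned = []
        for name, value in attrs:
            if value is not None:
                if name == "srcset" and name in FETCH_ATTRS.get(tag, ()):
                    value = self._clean_srcset(value)
                elif name in FETCH_ATTRS.get(tag, ()):
                    value = self._clean_url(value)
                elif name == "style":  # inline CSS can carry url() too
                    value = self._clean_style(value)
            cleaned.append((name, value))
        return cleaned

    def handle_starttag(self, tag, attrs):
        if tag == "base":  # drop it: it would give relative URLs a remote origin
            href = dict(attrs).get("href") or ""
            if is_remote(href):
                self.base = href
                self.blocked.append(href)
            return
        self._in_style = tag == "style"
        parts = [tag] + [n if v is None else '%s="%s"' % (n, html.escape(v))
                         for n, v in self._clean_attrs(tag, attrs)]
        self.out.append("<%s>" % " ".join(parts))

    def handle_endtag(self, tag):
        self._in_style = False
        self.out.append("</%s>" % tag)

    def handle_data(self, data):
        # <style> bodies arrive raw; ordinary text arrives unescaped, so re-escape it.
        self.out.append(self._clean_style(data) if self._in_style else html.escape(data, quote=False))


def block_remote_resources(html_mail):
    """Return (sanitized_html, blocked_urls) for one HTML mail body."""
    parser = RemoteResourceBlocker()
    parser.feed(html_mail)
    parser.close()
    return "".join(parser.out), parser.blocked


# Constructed sample mail: remote <base>, CSS background, attached (cid:) logo,
# 1x1 tracking image, base-relative images and a table background.
SAMPLE_MAIL = """<html><head><base href="http://mailer.example/">
<style>body { background: url("https://mailer.example/bg.png"); }</style>
</head><body><p>Hello, see our <a href="https://shop.example/">offer</a>.</p>
<img src="cid:logo@example" alt="logo">
<img src="https://mailer.example/t.gif?u=42" width="1" height="1">
<img src="images/banner.png" srcset="images/b2.png 2x, //cdn.example/b3.png 3x">
<td background="http://mailer.example/cell.gif">x</td></body></html>"""
```

Calling block_remote_resources(SAMPLE_MAIL) keeps the cid: logo and the clickable link, removes the <base> element and reports seven blocked references; a client can show that list and offer to load them on request.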