Quoth Pieter Praet on Jan 19 at 11:23 pm:
> On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay <aaronecay@gmail.com> wrote:
> > Emacs message-mode uses certain text strings to indicate how to attach
> > files to outgoing mail. If these are present in the text of an email,
> > and a user is tricked into replying to the message, the user’s files
> > could be exposed.
> > ---
> >
> > To demonstrate this, open a reply to this message then remove the
> > exclamation marks after the hash marks below. Create a file in your
> > home directory called passwd. Then press C-u M-x mml-preview. A
> > (possibly base64-encoded) version of your ~/passwd file will replace
> > the following lines:
> >
> > <#!part type="application/octet-stream" filename="~/passwd"
> > disposition=attachment description=foo>
> > <#!/part>
> >
> > It works equally well (and more dangerously) with /etc/passwd, but I
> > didn't use that filename here to avoid the danger of someone
> > accidentally attaching their /etc/passwd to a reply in this thread!
> >
> > emacs/notmuch-mua.el | 3 ++-
> > 1 files changed, 2 insertions(+), 1 deletions(-)
> >
> > diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el
> > index d8ab822..c25c6b9 100644
> > --- a/emacs/notmuch-mua.el
> > +++ b/emacs/notmuch-mua.el
> > @@ -115,7 +115,8 @@ list."
> > (push-mark))
> > (set-buffer-modified-p nil)
> >
> > - (message-goto-body))
> > + (message-goto-body)
> > + (mml-quote-region (point) (mark)))
> >
> > (defun notmuch-mua-forward-message ()
> > (message-forward)
>
> Wow, nice catch! You've just earned yourself a raise!

Indeed.

> An urgent +1 !
>
>
> ### OT:
> For some reason, `mml-quote-region' explicitly re-quotes
> already quoted MML tags:
>
> "<#!*/?\\(multipart\\|part\\|external\\|mml\\)"
>
> Why is that ?

Probably so the transformation is invertible, though as far as I can
tell there's no mml-unquote-region.
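
Review bot: In the `@@ -115,7 +115,8 @@` hunk of emacs/notmuch-mua.el, the added `(mml-quote-region (point) (mark))` carries no comment saying it is a security measure, and it silently depends on the mark left by the `(push-mark)` in the context lines above. A short comment that the call neutralises MML tags in the cited text would keep a later cleanup from dropping it, and passing explicitly saved start and end positions instead of `(point)` and `(mark)` would make it clear that the whole quoted body is covered. The unchanged `notmuch-mua-forward-message` directly below still calls `(message-forward)` as before; it is worth confirming whether that path needs the same quoting.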
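
A defensive check for the issue discussed in this thread, as an added example that is not part of the original messages or of notmuch: it finds MML tags that are still unquoted on cited lines and can refuse to send while any remain. All `my/` names are hypothetical, the sample body is constructed, and the tag names are taken from the regexp quoted above.

```elisp
;; Added example, not notmuch or Gnus code; every `my/' name is hypothetical.
(require 'message)                      ; `message-goto-body'
(require 'mml)                          ; `mml-quote-region'

(defconst my/live-mml-tag-regexp
  ;; Tag names come from the regexp quoted in the thread.  There is no "!"
  ;; after the hash, so already-quoted tags ("<#!part") do not match.
  "<#/?\\(multipart\\|part\\|external\\|mml\\)"
  "Regexp matching MML tags that message-mode would still interpret.")

(defun my/live-mml-tags-in-citations (beg end)
  "Return positions of unquoted MML tags on cited (\">\") lines in BEG..END."
  (save-excursion
    (goto-char beg)
    (let (hits)
      (while (re-search-forward my/live-mml-tag-regexp end t)
        (let ((pos (match-beginning 0))) ; save before `looking-at' clobbers it
          (when (save-excursion (beginning-of-line) (looking-at "[ \t]*>"))
            (push pos hits))))
      (nreverse hits))))

(defun my/refuse-live-mml-in-citations ()
  "Signal an error if the cited part of the body holds a live MML tag."
  (save-excursion
    (message-goto-body)
    (when (my/live-mml-tags-in-citations (point) (point-max))
      (error "Cited text contains an unquoted MML tag; quote it before sending"))))

;; Opt-in guard that runs before the message is sent:
;; (add-hook 'message-send-hook #'my/refuse-live-mml-in-citations)

(defun my/demo ()
  "Return (BEFORE AFTER): live-tag counts around `mml-quote-region'."
  (with-temp-buffer
    ;; Constructed cited body.  The tags are assembled with `concat' so that
    ;; this source text never contains a live tag itself.
    (insert "> see the attachment request below\n"
            "> " (concat "<#" "part") " type=\"application/octet-stream\""
            " filename=\"~/passwd\" disposition=attachment>\n"
            "> " (concat "<#" "/part") ">\n")
    (let ((before (length (my/live-mml-tags-in-citations (point-min) (point-max)))))
      (mml-quote-region (point-min) (point-max))
      (list before
            (length (my/live-mml-tags-in-citations (point-min) (point-max)))))))
```

The check only looks at lines that start with a citation mark, so attachments the user adds deliberately outside the cited text are not flagged.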