Gpg is exposed to some zip bomb problems last I looked. But the worst that could do is fill your disk or crash your Emacs, right? And I suspect the MIME library exposes similar issues in quantity. -- Brian Sniffen > On Jul 10, 2017, at 4:42 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > >> On Sun 2017-07-09 07:46:14 -0300, David Bremner wrote: >> There are some cases like remote usage where this might cause >> problems, but those users can easily customize the variable. The >> inconvenience seems to be outweighed by the security benefit for most >> users. > > lgtm. i'm not sure that this change is technically a "security > benefit", though, it looks more like a "usability benefit", since the > main use of process-crypto is likely to be decrypting messages. > > for signature verification, there's some small security benefit, but > since it's mainly exposure of interesting information to the user (as > opposed to blocking users from doing unsafe things) it's still probably > more on the usability side than security. > > still, i think it's a good change. If it uncovers performance problems > on use cases that normal people care about, hopefully we can get > examples of those use cases and get the performance problems fixed > (rather than just encouraging those users to set the flag to nil). > > --dkg > _______________________________________________ > notmuch mailing list > notmuch@notmuchmail.org > https://notmuchmail.org/mailman/listinfo/notmuch