Re: [PATCH] emacs: change default for notmuch-crypto-process-mime to t

Subject: Re: [PATCH] emacs: change default for notmuch-crypto-process-mime to t

Date: Mon, 10 Jul 2017 20:48:40 -0400

To: Daniel Kahn Gillmor

Cc: David Bremner, notmuch@freelists.org, notmuch@notmuchmail.org

From: Brian Sniffen

Gpg is exposed to some zip bomb problems last I looked. But the worst that could do is fill your disk or crash your Emacs, right?  And I suspect the MIME library exposes similar issues in quantity. 

-- 
Brian Sniffen

> On Jul 10, 2017, at 4:42 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> 
>> On Sun 2017-07-09 07:46:14 -0300, David Bremner wrote:
>> There are some cases like remote usage where this might cause
>> problems, but those users can easily customize the variable. The
>> inconvenience seems to be outweighed by the security benefit for most
>> users.
> 
> lgtm.  i'm not sure that this change is technically a "security
> benefit", though, it looks more like a "usability benefit", since the
> main use of process-crypto is likely to be decrypting messages.
> 
> for signature verification, there's some small security benefit, but
> since it's mainly exposure of interesting information to the user (as
> opposed to blocking users from doing unsafe things) it's still probably
> more on the usability side than security.
> 
> still, i think it's a good change.  If it uncovers performance problems
> on use cases that normal people care about, hopefully we can get
> examples of those use cases and get the performance problems fixed
> (rather than just encouraging those users to set the flag to nil).
> 
>     --dkg
> _______________________________________________
> notmuch mailing list
> notmuch@notmuchmail.org
> https://notmuchmail.org/mailman/listinfo/notmuch

Thread: