Gpg is exposed to some zip bomb problems last I looked. But the worst that
could do is fill your disk or crash your Emacs, right? And I suspect the MIME
library exposes similar issues in quantity.
--
Brian Sniffen
On Jul 10, 2017, at 4:42 PM, Daniel Kahn Gillmor <dkg@xxxxxxxxxxxxxxxxx>
wrote:
On Sun 2017-07-09 07:46:14 -0300, David Bremner wrote:
There are some cases like remote usage where this might cause
problems, but those users can easily customize the variable. The
inconvenience seems to be outweighed by the security benefit for most
users.
lgtm. i'm not sure that this change is technically a "security
benefit", though, it looks more like a "usability benefit", since the
main use of process-crypto is likely to be decrypting messages.
for signature verification, there's some small security benefit, but
since it's mainly exposure of interesting information to the user (as
opposed to blocking users from doing unsafe things) it's still probably
more on the usability side than security.
still, i think it's a good change. If it uncovers performance problems
on use cases that normal people care about, hopefully we can get
examples of those use cases and get the performance problems fixed
(rather than just encouraging those users to set the flag to nil).
--dkg
_______________________________________________
notmuch mailing list
notmuch@xxxxxxxxxxxxxxx
https://notmuchmail.org/mailman/listinfo/notmuch
