bug-gnu-emacs

bug#28597: 26.0.60; [Security] Configure should use --without-pop by def


From: Eli Zaretskii
Subject: bug#28597: 26.0.60; [Security] Configure should use --without-pop by default
Date: Mon, 02 Oct 2017 20:32:37 +0300

> From: nljlistbox2@gmail.com (N. Jackson)
> Cc: jwiegley@gmail.com,  eggert@cs.ucla.edu,  28597@debbugs.gnu.org, Robert 
> Pluim <rpluim@gmail.com>
> Date: Mon, 02 Oct 2017 13:22:01 -0400
> 
> >> There's nothing terribly odd about my system and if the warning
> >> message from config is true, then _by default_ I'm going to get
> >> built an insecure Emacs.
> >
> > Only if you use POP3 to fetch your mail.
> 
> This raised a question in my mind (which has probably already
> been considered and dealt with). When a user has an Emacs that's
> configured to use an insecure movemail for POP3, when they issue a
> command in Emacs that invokes it, do they get a warning from
> Emacs?

No, they don't.  But POP3 is not something movemail will silently use
by itself, the user needs to specify a POP3 "url", referencing the
server and the user's id (and possibly a password as well) for it to
do so.  So the user who does that _knows_ they use POP3.  IOW, a
deliberate user action is needed for POP3 to be used.

> Given that many users don't build their own Emacs, they'll not see
> a warning from configure, so it would seem sensible for them to be
> warned at run time. (Given that they won't want to be plagued with
> a warning every time they check their mail, I'm thinking of a
> warning that appears when a relevant command is used for the first
> time, similar to the way disabled commands work.)

We also don't warn them when they use HTTP or FTP from Emacs, on the
assumption that users know what they are doing.  There's a limit to
our ability to nag users in order to save them from themselves.  At
some point, we need to start treating them as responsible adults, IMO.




