Re: Image mode

[David Kastrup]

"Juanma Barranquero" <address@hidden> writes:

> On 2/6/07, David Kastrup <address@hidden> wrote:
>
>> Well, _we_ don't know about any vulnerabilities either at the moment,
>> so it would seem that it does not make much sense to talk about
>> anything in this discussion.
>
> Very funny, but obviously we were talking about the (possibility of)
> vulnerabilities the user *doesn't* know about...
>
>> Not that it does not feel like that...
>
> More and more...
>
>> And are you telling me that all the junk mails
>> that want me to click on something have a sender I know?
>
> No. I'm saying that the virus your computer will catch won't come in a
> .jpg file hiding as a .c or .txt or whatever. It will come in a .jpg
> "hiding" as a .jpg from a source you'll consider trusted or, at the
> very least, non threatening.

But it cannot be the business of Emacs to decide about the
trustworthiness of a source.  It is the job of the user.  And it also
is the choice of the user whether he trusts a particular image library
for opening a particular file from a particular source.  The user
can't do this job if he is mistaken about the libraries that will
likely get used.

Anyway, I say you are wrong: lots of attacks are done by having people
click on links and/or let them open file types that look like they are
something different.

My arguments revolve about letting the user do his part with regard to
security, yours revolve about the user being incapable to do it, and
letting Emacs do a job that can't be done by it.

-- 
David Kastrup