[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GnuTLS for W32
|
From: |
Juanma Barranquero |
|
Subject: |
Re: GnuTLS for W32 |
|
Date: |
Fri, 6 Jan 2012 15:35:44 +0100 |
2012/1/6 Ted Zlatanov <address@hidden>:
> The intention is to do whatever is appropriate on the platform to let
> the user know they need to update and make the update easy.
There's no single, general definition of "appropriate".
> I'm not. The risk is not worth the effort with image libraries.
I don't understand why. Buffer overruns exploited through
carefully-crafted images have been used before. I would fear that (as
a vector for malware) much more than someone eavesdropping my
communications.
> You're ignoring the "deeply embedded" part. Obviously external
> utilities are not able to compromise Emacs like internal C glue. Can
> you stick to comparable components like the libxml2 glue?
See the image libraries comment above.
> If you don't think the package manager is important to our users, you've
> got your head stuck in the sand.
I don't know about "our" users, but certainly is unimportant to many
Emacs users (starting with myself).
And, please, let's not turn this discussion into a description of the
relative positions of our respective heads or other body parts.
> I appreciate your attention to detail, but "need" is the verb I meant to
> write there.
I don't doubt it. My correction turned what you said into what I
believe is real.
> SSH clients are not extensible layout engines with embedded interpreters
> and flexible package managers. As I keep saying, compare Emacs to
> Firefox and Chrome, not to `vim' or `ssh' and `grep'. It hasn't been
> just an editor in a long while. Eclipse is another good comparison
> point.
Compare it to Apache, which can be infinitely extended via external
modules and it's mission-critical for so many business.
> That's oversimplifying the problem, but yes, this is the fundamental
> question.
You think it's an oversimplification, I think it's approaching it in a
realistic way.
> I was planning on that next. How did you know?
With the head under the sand I had plenty of time to think, and I
started having premonitions.
> No, it's not like that at all. Intrusion detection and security
> advisories are completely different things.
I thought it was evident I was not comparing situations, but
inadequate feelings of security.
Juanma
- Re: NaCl support for Emacs, (continued)
- Re: NaCl support for Emacs (was: GnuTLS for W32), Richard Stallman, 2012/01/11
- Re: GnuTLS for W32, Stephen J. Turnbull, 2012/01/08
- Re: GnuTLS for W32, Eli Zaretskii, 2012/01/08
- Re: GnuTLS for W32, Ted Zlatanov, 2012/01/05
- Re: GnuTLS for W32, Juanma Barranquero, 2012/01/05
- Re: GnuTLS for W32, Ted Zlatanov, 2012/01/06
- Re: GnuTLS for W32,
Juanma Barranquero <=
- Re: GnuTLS for W32, Ted Zlatanov, 2012/01/06
- Re: GnuTLS for W32, Juanma Barranquero, 2012/01/06
- Re: GnuTLS for W32, Ted Zlatanov, 2012/01/06
- Re: GnuTLS for W32, Chong Yidong, 2012/01/07
- Re: GnuTLS for W32, Juanma Barranquero, 2012/01/07
- Re: GnuTLS for W32, Ted Zlatanov, 2012/01/07
- Re: GnuTLS for W32, Reiner Steib, 2012/01/07
- Re: GnuTLS for W32, Richard Riley, 2012/01/05
- Re: GnuTLS for W32, Juanma Barranquero, 2012/01/05
- Re: GnuTLS for W32, Eli Zaretskii, 2012/01/05