emacs-devel

Re: Network security manager


From: Ted Zlatanov
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 13:22:11 -0500
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux)

On Tue, 18 Nov 2014 18:57:15 +0100 Lars Magne Ingebrigtsen <address@hidden> wrote:

LMI> Ted Zlatanov <address@hidden> writes:

LMI> What are the security implications of inserting an image from a source
LMI> we can't validate?
>> 
>> Malicious binary payloads in images are quite common.  There are also
>> attacks/exploits/hacks that load Javascript from images.

LMI> I really hope we don't have any exploitable bugs in the image handling
LMI> code.

On many platforms (NS comes to mind) image handling happens before Emacs
knows about it.  So this is not necessarily an Emacs issue.

Here's a list of libpng (just picking one library out of many that Emacs
uses) CVEs: 
http://www.cvedetails.com/vulnerability-list/vendor_id-7294/Libpng.html

Do we care? I do, others may not. Regardless, I don't think Emacs should
choose to sometimes disregard the HTTP/S channel's security checks.  If
it does, it would be a rather unique web browser.

>> OK with me, that's a good solution for this particular case.  But there
>> will be others where you can't see the things that went wrong in the
>> background.  I suggested a modeline indicator previously... it's better
>> than silent failure, right?

LMI> Well...  No, annoying the user with things the user doesn't care about
LMI> is worse than silent failure.  >"?

I don't think a passive indicator e.g. in the modeline is annoying. If
you make the list of failures accessible somehow, the rest can be done
by add-ons, so we don't need to figure it out now.

Ted



