emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Image mode

From: Slawomir Nowaczyk
Subject: Re: Image mode
Date: Tue, 06 Feb 2007 12:09:07 +0100 
On Sun, 04 Feb 2007 20:40:39 -0500
Chong Yidong <address@hidden> wrote:

#> Juri Linkov <address@hidden> writes:
#> 
#> > A different case is image autodetection.  When the image file has an
#> > extension unusual for image files or has no extension at all, then it
#> > would be a (possibly bad) surprise for the user to see it displayed as
#> > an image.  I agree that there should be an option that by default before
#> > displaying the image from files with non-image extensions should either
#> > ask for confirmation before visiting such file in image-mode, or (better)
#> > visit the file just in image-minor-mode with more explanations shown
#> > in the echo area.
#> 
#> As Richard has argued, IF displaying an image can cause a security
#> risk, it doesn't matter whether or not that image was autodetected or
#> had the relevant file name.  So let's please not worry about this.

I disagree. For me, at least, *all* that matters is if the filename
matches the image contents.

About the only case when I care about security when opening images are
things which I receive in emails (sure, there is a chance a virus image
sits somewhere on my disk or on one of the web pages I view, but if that
is the case, then I am likely to fall victim to it anyway, because I
will likely open it in something else than Emacs).

What I am interested in is making sure that I am safe when I receive an
email containing attachment with .txt or .c extension and I decide to
view it in Emacs. I do *not* want it to display it as an image *without*
asking for confirmation (one way or another).

OTOH, if I decide to open an attachment with .jpeg extension, then I am
apparently willing to trust the source and I am perfectly OK with Emacs
displaying it as an image (if Emacs refuses to display such images, I
will just use Firefox or IrfanView, which are more or less equally
susceptible to attacks)...

Please, trust the user! If I say I want Emacs to open a.jpeg, that means
I want to open an image. If I say I want Emacs to open a.txt, then I
expect this action to be safe.

YMMV, of course, and I do not require the above to the *default*
configuration, but _please_ make this behaviour possible -- and,
preferably, easy to achieve because I really believe that is the only
sane configuration for security-aware users.

-- 
 Best wishes,
   Slawomir Nowaczyk
     ( address@hidden )

The glass is not half full, nor half empty. The glass is just too big.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]