[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emacs RPC security

From: Ted Zlatanov
Subject: Re: Emacs RPC security
Date: Mon, 25 Apr 2011 14:43:47 -0500
User-agent: Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux)

On Mon, 25 Apr 2011 11:17:02 -0700 Daniel Colascione <address@hidden> wrote: 

DC> On 4/25/11 11:02 AM, Ted Zlatanov wrote:

>> Of course, since the security is so weak right now, no one is using it
>> outside a limited one-user so you haven't seen any unusual cases.  I
>> would use it personally as a remote password server so all my
>> auth-source data doesn't live on all the machines I use.  I would also
>> use it to implement a remote synchronization facility for Gnus and BBDB.

DC> That's a fine goal, but you don't need to implement the requisite
DC> security in Emacs proper.  stunnel will give you a secure channel and,
DC> with client certificates, can authenticate both parties.  

I'd rather not rely on stunnel or any other external utilities.  My
experience with supporting them with Gnus, especially for W32 users, has
been painful.

DC> I'd prefer not to have a GnuTLS server in Emacs right now.

Even if stunnel works for some cases, I don't see why you're against a
built-in GnuTLS server now.  Are you concerned about performance and
memory usage, code bloat and maintenance cost, security issues,
documentation, user confusion, or something else?  Or do you mean you
want to delay the functionality until something else is done?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]