bug-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#31946: 27.0.50; The NSM should warn about more TLS problems


From: Eli Zaretskii
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Tue, 26 Jun 2018 17:38:28 +0300

> From: Jimmy Yuen Ho Wong <wyuenho@gmail.com>
> Date: Tue, 26 Jun 2018 07:26:20 +0100
> Cc: Lars Ingebrigtsen <larsi@gnus.org>, 31946@debbugs.gnu.org
> 
> 1. Forget about defining what tests belongs in what levels, there should just 
> be one level which is the default
> sets of tests, let's call this coarse grain setting.
> 2. Fine grain settings should only allow you to **add** to the default list 
> of checks, so it will be a defcustom of
> an alist (there's prior art of this), let's call this `nsm-additional-checks`
> 3. We can predefine a bunch of check functions that users can add to 
> `nsm-additional-checks` without having
> to write their own.

FWIW, I don't think this will fly with our users: Emacs users don't
like to be second-guessed, nor be told that "Emacs knows better".  And
even if we do go that way, Emacs is not a black box: people will soon
enough discover what we want to conceal, and will do what they want
regardless.

What we can, and probably should, do is prominently document each test
and warn against removing or weakening those which will expose users
to security vulnerabilities.





reply via email to

[Prev in Thread] Current Thread [Next in Thread]