[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: package.el + DVCS for security and convenience

From: Stephen J. Turnbull
Subject: Re: package.el + DVCS for security and convenience
Date: Mon, 31 Dec 2012 21:32:02 +0900

Ted Zlatanov writes:

 > I do not plan to be a "security officer," to prove my credentials to
 > your satisfaction,

I didn't ask you to prove anything.  I was explaining why I was
worried.  I still am.

 > Similarly, Emacs needs a secure way to get data in and out of that
 > storage from external files or data.  Depending on an external binary
 > tool, *long-term*, to provide this transfer is IMO a poor security
 > decision for a platform such as Emacs.

Yeah, well, aren't you the guy who put just such an external binary
tool into Emacs, aka gnutls?  The question is whether dynamic linkage
is any safer than using the command line interface.

 > Because it will be perfect, obviously.

I haven't seen anything obviously perfect since the Cheryl Tiegs
Sports Illustrated cover.  Good luck beating that!<wink/>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]