[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: oauth2 support for Emacs email clients
From: |
Alexandre Garreau |
Subject: |
Re: oauth2 support for Emacs email clients |
Date: |
Wed, 11 Aug 2021 08:37:36 +0200 |
Le mardi 10 août 2021, 17:56:58 CEST David Engster a écrit :
> >> Well, you could just use Thunderbird's. It's all right here:
> >>
> >> https://github.com/mozilla/releases-comm-central/blob/master/mailnews
> >> /base/src/OAuth2Providers.jsm
> >>
> >> You shouldn't though, because that could get you in trouble.
> >>
> >> While all this stuff is essentially security theatre, good luck
> >> explaining that to your IT security department...
> >
> > I explained to my IT administrator that I'd like to use Emacs for
> > email. Others should too. There's no shame in it. :-)
>
> That's not what I meant. Your administrators might think that they have
> only allowed Thunderbird to access IMAP, while in reality they have
> whitelisted everything, because you can trivially copy the client-ID and
> -secret from Thunderbird's source. That's what I mean with "security
> theatre" - everyone's just sticking to the script.
If there is a trivial, secure and documented way of “whitelisting” some
app from network, it means they would have a way to verify the secret,
hence it would be somewhat trivial to get in not from sources but from the
binaries of many programs as well, I believe u.u
- Re: oauth2 support for Emacs email clients, (continued)
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/08
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/08
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/08
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/08
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/08
- Re: oauth2 support for Emacs email clients, Roland Winkler, 2021/08/08
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/09
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/10
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/10
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/10
- Re: oauth2 support for Emacs email clients,
Alexandre Garreau <=
- Re: oauth2 support for Emacs email clients, Richard Stallman, 2021/08/10
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/11
- Re: oauth2 support for Emacs email clients, Richard Stallman, 2021/08/12
- Re: oauth2 support for Emacs email clients, Richard Stallman, 2021/08/10
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/14
- Re: oauth2 support for Emacs email clients, Gregory Heytings, 2021/08/14
- Re: oauth2 support for Emacs email clients, Tim Cross, 2021/08/08
- Re: oauth2 support for Emacs email clients, Eric S Fraga, 2021/08/09
- Re: oauth2 support for Emacs email clients, Richard Stallman, 2021/08/09
- Re: oauth2 support for Emacs email clients, Tim Cross, 2021/08/10