Re: Idea for gnome e-mail client

From: Peter Williams <peter newton cx>
To: Kent Schumacher <kschumacher uswest net>
Cc: Gnome developers <gnome-devel-list gnome org>
Subject: Re: Idea for gnome e-mail client
Date: Sat, 6 May 2000 14:01:33 -0400

On Sat, 06 May 2000 11:12:22 Kent Schumacher wrote:
> 
> I ran across an interesting idea that might be worth considering for
> gnome e-mail clients.  The article link is below.  To summarize,
> the author proposes developing an API to scan e-mail content
> which can catagorize an e-mail threat potential.
> 
> I also had the thought that it might be nice to be able to view high
> threat e-mail in a chroot'ed e-mail client.
> 
> http://www.linuxplanet.com/linuxplanet/reports/1800/4/
> 
> Just thinking on a Saturday morning,
> kent
> 

We were talking about this on balsa-list... basically, since
we're on multiuser systems, unless you're running your mail client
as root, you can't do too much damage to your system. And honestly,
if you're running a mail client like Balsa as root, you deserve
whatever you get :-)

[ I might note that under Linux, at least, you must be root to
do a chroot() ]

Of course, you could still theoretically lose your home directory
and all your personal data. To prevent that isn't a big deal:

1) Don't execute anything automatically.
2) If you feel like you must execute something that came floating
 along in an email, give the user a big fat warning dialog. If the
 user is not smart enough to make sure that the script is safe,
 there's nothing we can do about that.
3) If you must implement some kind of scripting language, make sure
 that you can sandbox it.

-- 
==============================
Peter Williams peter@newton.cx
"AIIEEEEEEEEE!!! DEATH ANTS!!"

Follow-Ups:
- Re: Idea for gnome e-mail client
  - From: Alan Shutko
- Re: Idea for gnome e-mail client
  - From: Dan Winship

References:
- Idea for gnome e-mail client
  - From: Kent Schumacher

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]