bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#28597: 26.0.60; [Security] Configure should use --without-pop by def

From: N. Jackson
Subject: bug#28597: 26.0.60; [Security] Configure should use --without-pop by default
Date: Mon, 02 Oct 2017 13:22:01 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.60 (gnu/linux) 
At 22:11 +0300 on Friday 2017-09-29, Eli Zaretskii wrote:
>
>> From: nljlistbox2@gmail.com (N. Jackson)
>> Date: Fri, 29 Sep 2017 14:14:29 -0400
>> 
>> I don't think that makes sense, does it?
>
> I hope it does, as this is what I asked for at the time, for
> reasons that did make sense to me.

Indeed. You considered broader factors than I was aware of
previously.

>> There's nothing terribly odd about my system and if the warning
>> message from config is true, then _by default_ I'm going to get
>> built an insecure Emacs.
>
> Only if you use POP3 to fetch your mail.

This raised a question in my mind (which has probably already
been considered and dealt with). When a user has an Emacs that's
configured to use an insecure movemail for POP3, when they issue a
command in Emacs that invokes it, do they get a warning from
Emacs?

Given that many users don't build their own Emacs, they'll not see
a warning from configure, so it would seem sensible for them to be
warned at run time. (Given that they won't want to be plagued with
a warning every time they check their mail, I'm thinking of a
warning that appears when a relevant command it used for the first
time, similar to the way disabled commands work.)

N.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]