[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RFC] MIME attachments for comint
From: |
Stefan Monnier |
Subject: |
Re: [RFC] MIME attachments for comint |
Date: |
Tue, 28 Sep 2021 15:26:17 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) |
Augusto Stoffel [2021-09-28 18:05:35] wrote:
> On Mon, 27 Sep 2021 at 16:37, Stefan Monnier <monnier@iro.umontreal.ca> wrote:
>> Sounds like a cute package, thanks.
>>> Here are some more assorted observations:
>> Anything to say about security implications/measures?
> Good question, I didn't think about this.
I think such a feature needs to be quite careful and proactively
defensive about that.
> I guess it's safe to feed `create-image', `svg-image' and shr with any
> kind of evil data, no?
What could go wrong, right?
I recommend you place strong restrictions on the formats supported so as
to stay within bounds which you positively know are safe (e.g. no worse
than what happens already with SHR rendering when viewing HTML email).
Stefan