Re: Test mail

Paul Mundt (lethal@ChaoticDreams.ORG)
Mon, 30 Jul 2001 05:07:49 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: Test mail"
Previous message: Mark: "Re: Kernel version 2.4.7 compile errors (fwd)"
In reply to: Alan Cox: "Re: Test mail"

On Mon, Jul 30, 2001 at 12:46:18PM +0100, Alan Cox wrote:
> Its more than that. Its the same smug arrogance that is going to get a lot
> of people nasty shocks one day
>
> ELM, Pine and Mutt have all at various times had holes that could have been
> used to write an exact Unix equivalent of the windows virus.
> <img src="file:/dev/mouse"> hangs some web browser email 4 years after the
> bug was reported and so on...
>
This all goes back to opening things blindly, and also ties in the issue of
HTML aware email clients.

Mail clients should simply be dealing with plain text. As soon as things like
HTML support are introduced into the client, you have the same sort of
problems that you do with easily exploitable web browsers.

These things are only an issue when your mail client tries to do things for
you instead of allowing you to do them yourself. HTML emails can simply be
fed through something like a lynx -dump in order to capture their plaintext
output.

Keep HTML where it belongs, on webpages, not mail. If someone wants to send
you an image, they can do so through an attachment.

Regards,

-- Paul Mundt <lethal@chaoticdreams.org>

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: Test mail"
Previous message: Mark: "Re: Kernel version 2.4.7 compile errors (fwd)"
In reply to: Alan Cox: "Re: Test mail"