Re: [PATCH] Add $umask for mailboxes and attachments
On Sat, Mar 17, 2007 at 10:12:07AM -0400, Derek Martin wrote:
> On Sat, Mar 17, 2007 at 02:50:33PM +0100, Oswald Buddenhagen wrote:
> > in short, all this stuff is discussing securing the door of a blown-up
> > house. mutt is just one application. if umask (or the ~/ mode) or PATH
> > are not set sensibly for *all* apps, you can conceive any number of
> > attacks against mutt or the data it produces/processes.
>
> Security is hard, and there is no such thing as perfect security.
> Your sentiment above seems to amount to "It's hopeless anyway, so
> don't bother."
>
that's most definitely *not* what i'm saying.
> Get right what you can get right.
>
yes, exactly. however, i fail to see how spending resources on and even
creating additional problems by creating barriers where tens of
alternative ways to break in exist (by design, not through bugs) is in
any way Right (TM). security should be applied where it provably makes
sense, not elsewhere. see Gaëtan's interpretation of your references.
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.