[RFC PATCH 2/7] vim: mailcap: forbid access to display server
Nick Howell
nlhowell at gmail.com
Thu Oct 13 13:13:51 PDT 2016
Default to prevent mailcap from accessing the display server. Potential
concerns: a malicious .mailcap file + attachment could read your
keystrokes, or if the .mailcap file is non-malicious, an attachment
exploiting a vulnerability in your mailcap viewer.
In principle we should probably try to run mailcap with super-low
privileges, but I haven't explored this.
---
vim/notmuch.vim | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vim/notmuch.vim b/vim/notmuch.vim
index c66c874..947fec0 100644
--- a/vim/notmuch.vim
+++ b/vim/notmuch.vim
@@ -60,7 +60,7 @@ let s:notmuch_reader_default = 'mutt -f %s'
let s:notmuch_sendmail_default = 'sendmail'
let s:notmuch_folders_count_threads_default = 0
let s:notmuch_compose_start_insert_default = 1
-let s:notmuch_mailcap_filter_default = "run-mailcap --action=view %s:-"
+let s:notmuch_mailcap_filter_default = "DISPLAY= run-mailcap --action=view %s:-"
function! s:new_file_buffer(type, fname)
exec printf('edit %s', a:fname)
--
2.7.3
More information about the notmuch
mailing list