> Siding with Daniel on this one. I don't like the idea of trading security > for convenience.
I don't understand where that concept comes from. Let's look at just two details of this picture: - Lynx is 20 year old code maintained in an "add stuff to it" fashion by people who aren't concerned with security. - telnet and rlogin URLs are not convenience. > I've been giving Lynx some thoughts lately, and I think our best bet is a > configure script option to be able to disable spawning processes entirely. pledge "all network and file access" is not really that great either. Most of the work in base was to ensure programs get less than "all network and file access". Oddly, base has a few programs which can spawn! But not access network. And the result is sane, unlike lynx. > Been caught up with other things lately so I haven't done it already, but > I will contact upstream to mention what we have been doing regarding Lynx > and pledge, and propose that. I don't know what you expect from them. Making lynx security is not in their DNA.
