<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Chapter 7. Security Considerations</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.3" /><link rel="home" href="index.html" title="The Mutt E-Mail Client" /><link rel="up" href="index.html" title="The Mutt E-Mail Client" /><link rel="prev" href="optionalfeatures.html" title="Chapter 6. Optional Features" /><link rel="next" href="tuning.html" title="Chapter 8. Performance Tuning" /><style xmlns="" type="text/css">
+<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Chapter 7. Security Considerations</title><meta name="generator" content="DocBook XSL Stylesheets V1.75.2" /><link rel="home" href="index.html" title="The Mutt E-Mail Client" /><link rel="up" href="index.html" title="The Mutt E-Mail Client" /><link rel="prev" href="optionalfeatures.html" title="Chapter 6. Optional Features" /><link rel="next" href="tuning.html" title="Chapter 8. Performance Tuning" /><style xmlns="" type="text/css">
body { margin-left:2%; margin-right:2%; font-family:serif; }
.toc, .list-of-tables, .list-of-examples { font-family:sans-serif; }
h1, h2, h3, h4, h5, h6 { font-family:sans-serif; }
body { margin-left:2%; margin-right:2%; font-family:serif; }
.toc, .list-of-tables, .list-of-examples { font-family:sans-serif; }
h1, h2, h3, h4, h5, h6 { font-family:sans-serif; }
div.note h3 { font-size:small; font-style:italic; font-variant: small-caps; }
div.note h3:after { content: ":" }
div.note { margin-bottom: 5px; }
div.note h3 { font-size:small; font-style:italic; font-variant: small-caps; }
div.note h3:after { content: ":" }
div.note { margin-bottom: 5px; }
First of all, Mutt contains no security holes included by intention but
may contain unknown security holes. As a consequence, please run Mutt
only with as few permissions as possible. Especially, do not run Mutt as
First of all, Mutt contains no security holes included by intention but
may contain unknown security holes. As a consequence, please run Mutt
only with as few permissions as possible. Especially, do not run Mutt as
</p><p>
When configuring Mutt, there're some points to note about secure setups
so please read this chapter carefully.
</p><p>
When configuring Mutt, there're some points to note about secure setups
so please read this chapter carefully.
Although Mutt can be told the various passwords for accounts, please
never store passwords in configuration files. Besides the fact that the
system's operator can always read them, you could forget to mask it out
Although Mutt can be told the various passwords for accounts, please
never store passwords in configuration files. Besides the fact that the
system's operator can always read them, you could forget to mask it out
your mail including your password could be archived by internet search
engines, mail-to-news gateways etc. It may already be too late before
you notice your mistake.
your mail including your password could be archived by internet search
engines, mail-to-news gateways etc. It may already be too late before
you notice your mistake.
Mutt uses many temporary files for viewing messages, verifying digital
signatures, etc. As long as being used, these files are visible by other
users and maybe even readable in case of misconfiguration. Also, a
different location for these files may be desired which can be changed
Mutt uses many temporary files for viewing messages, verifying digital
signatures, etc. As long as being used, these files are visible by other
users and maybe even readable in case of misconfiguration. Also, a
different location for these files may be desired which can be changed
information to the outside world when sending messages: the generation
of this header includes a step counter which is increased (and rotated)
with every message sent. In a longer running mutt session, others can
information to the outside world when sending messages: the generation
of this header includes a step counter which is increased (and rotated)
with every message sent. In a longer running mutt session, others can
As Mutt be can be set up to be the mail client to handle
<code class="literal">mailto:</code> style links in websites, there're security
considerations, too. Arbitrary header fields can be embedded in these
links which could override existing header fields or attach arbitrary
files using <a class="link" href="gettingstarted.html#attach-header" title="6.2.2. Attach: Pseudo Header">the Attach:
As Mutt be can be set up to be the mail client to handle
<code class="literal">mailto:</code> style links in websites, there're security
considerations, too. Arbitrary header fields can be embedded in these
links which could override existing header fields or attach arbitrary
files using <a class="link" href="gettingstarted.html#attach-header" title="6.2.2. Attach: Pseudo Header">the Attach:
<span class="emphasis"><em>unset</em></span>, i.e. the user doesn't want to see header
fields while editing the message and doesn't pay enough attention to the
compose menu's listing of attachments.
<span class="emphasis"><em>unset</em></span>, i.e. the user doesn't want to see header
fields while editing the message and doesn't pay enough attention to the
compose menu's listing of attachments.
will send out the user's private gnupg keyring to
<code class="literal">joe@host</code> if the user doesn't follow the information
on screen carefully enough.
will send out the user's private gnupg keyring to
<code class="literal">joe@host</code> if the user doesn't follow the information
on screen carefully enough.
Mutt in many places has to rely on external applications or for
convenience supports mechanisms involving external applications.
</p><p>
Mutt in many places has to rely on external applications or for
convenience supports mechanisms involving external applications.
</p><p>
projects / software / mutt-debian.git / blobdiff