elumbella · April 13, 2021 10:52
diff --git a/testmail b/testmail
 Return-Path: <[email protected]>
 Delivered-To: [email protected]
 Received: from DIR-01 ([10.50.14.191])
 	by IMAP-30 with LMTP
 	id SEIgN82IdGBRewAAlCQnSQ
 	(envelope-from <[email protected]>)
 	for <[email protected]>; Mon, 12 Apr 2021 13:52:13 -0400
 Received: from MTA-01.privateemail.com ([10.50.14.11])
 	by DIR-01 with LMTP
 	id QKoBN82IdGCpWAAA6Rt3mQ
 	(envelope-from <[email protected]>)
 	for <[email protected]>; Mon, 12 Apr 2021 13:52:13 -0400
 Received: from asp-relay-pe.jellyfish.systems (unknown [10.20.151.203])
 	by MTA-01.privateemail.com (Postfix) with ESMTP id D70C460D6B
 	for <[email protected]>; Mon, 12 Apr 2021 13:52:13 -0400 (EDT)
 Received: from mail-b.sr.ht (mail-b.sr.ht [173.195.146.151])
 	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 	(No client certificate requested)
 	by asp-relay-pe.jellyfish.systems (Postfix) with ESMTPS id 4FJxBz33k9zBrLc
 	for <[email protected]>; Mon, 12 Apr 2021 17:52:06 +0000 (UTC)
 DKIM-Signature: a=rsa-sha256; bh=iyMVzEJLAqNXBM7RW4ncCHY+XSOV6erdu8YMbzVsOus=;
 c=simple/simple; d=lists.sr.ht;
 h=Date:From:Subject:To:Cc:In-Reply-To:References:List-Unsubscribe:List-Subscribe:List-Archive:List-Post:List-ID;
 q=dns/txt; s=srht; t=1618249925; v=1;
 b=gG5ThG2jlHtVadsTOzorgWqABNnElLK+9azFNCV/sbDU65ixfBY53WwU3s0UrNDk6SgEI4PD
 heNT/SyVcu67fwmyYKV5VJn6pjPPPJGofuIOB7wP8+qW6tiFz+hsoM96FxjIS22pqa996jJBSEg
 QfnTcY+I04M1tetSkNsS9yREq/PBDt1aedspYtg3ocTYW6ucgu2lT6t7bP1Eu39D+iJyj3013Kg
 cFNC/esS1FzZ8BkhNhvQ+ocJlvEgoLcVlgYZgWNVx/V42lLGnnPM0oG7sseMKeAh2xLfhRp2z8d
 u061MiTkmVfKzKShwNg34mwp4m+fpyA9j7hBSAqrDcU9Q==
 Received: from lists.my.domain (unknown [173.195.146.144])
 	by mail-b.sr.ht (Postfix) with ESMTPSA id 9761411EF3B
 	for <[email protected]>; Mon, 12 Apr 2021 17:52:05 +0000 (UTC)
 Received: from out2.migadu.com (out2.migadu.com [188.165.223.204])
 	by mail-b.sr.ht (Postfix) with ESMTPS id 6BCA211EF3B
 	for <~sircmpwn/[email protected]>; Mon, 12 Apr 2021 17:51:43 +0000 (UTC)
 MIME-Version: 1.0
 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=belanyi.fr; s=key1;
 	t=1618249901;
 	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 	 content-transfer-encoding:content-transfer-encoding:
 	 in-reply-to:in-reply-to:references:references;
 	bh=iyMVzEJLAqNXBM7RW4ncCHY+XSOV6erdu8YMbzVsOus=;
 	b=QHKNwBPL3xHAk1menTBsXY2WANbGKZXkfeYAM/oWyzIRVw+Y1Mvn3ELb6tN4rjjYSrbsg9
 	WYvWKlXou54hP+eeF21FROz63SrVd2WuAjE2E0+Mbp4yeRzZX264WfmpEFnJZv0m2QhKFM
 	8YEMtsRCJZpKlYIZuybNaoPD28IBJaWjAn3NlanlC/iScdxM/TMPpCowM6l9m4aI2paLJ3
 	f/96iA+S/XdFdFNPw25dlsBSTIleckvsCi2YddmJqiKDQrYe0ycWCQxO9tG3S0SmZSFFx6
 	TthefIKA1RrAsIzYPqfCY06galFNYlrbctIy402utbL6Pxspup7vkPgVKu5HIg==
 Date: Mon, 12 Apr 2021 17:51:41 +0000
 Content-Type: text/plain; charset="utf-8"
 Content-Transfer-Encoding: quoted-printable
 X-Report-Abuse: Please report any abuse attempt to [email protected] and include these headers.
 From: "Bruno BELANYI" <[email protected]>
 Message-ID: <[email protected]>
 Subject: Re: [PATCH] show perms error only if config contains secrets
 To: "Reto" <[email protected]>
 Cc: ~sircmpwn/[email protected]
 In-Reply-To: <[email protected]>
 References: <[email protected]>
 <[email protected]>
 X-Migadu-Flow: FLOW_OUT
 X-Migadu-Auth-User: [email protected]
 List-Unsubscribe: <mailto:~sircmpwn/[email protected]?subject=unsubscribe>
 List-Subscribe: <mailto:~sircmpwn/[email protected]?subject=subscribe>
 List-Archive: <https://lists.sr.ht/~sircmpwn/aerc>
 Archived-At: <https://lists.sr.ht/~sircmpwn/aerc/%3C40e59e08e08936ec9737bd16c9f96e70%40belanyi.fr%3E>
 List-Post: <mailto:~sircmpwn/[email protected]>
 List-ID: ~sircmpwn/aerc <~sircmpwn/aerc.lists.sr.ht>
 Sender: ~sircmpwn/aerc <~sircmpwn/[email protected]>
 X-NCJF-Result: WNfIJ0NWq2j7YZq0COq14tpTNqS4x/3m9ZQOl/PT1zmVEv5fvNgAp5NVSbvAmX2
 	octypT4ehhAgMzxXrLq34VKpahHmij+6JtJdpZ3scF94lu2SUbCG1RDmBAJRuuAFwHxZp2Z84PPQn1
 	sQOZYQMaBDjb3uuZzrCi2FsmCk+Io41D84YTRt6hLCTP3NuOp6d5uIOD7/EzrtCohLtqy2PJ0hheS6
 	xoZHSFPy1aIi0zKDXNBdjPd59SR0lGE0tFFeigUZWUunJqQOo93JGOsA9RYyejQObR40EFQbF95X/g
 	2S6TuGg0ydVh2NQG9dYrObKa5ZmgqyJwMMmfNgxhn7utMPRhQ9pooGCz2soJI7cJCTy3D8ndNBd0Cj
 	u/gB8mXLZAHpv6eiEcwkTXjp+shNzn7hQUwCYED6n8uLRZsbMg3WFJn/Rm++3HuTok2pbKKq/2nMnO
 	3f9OumzfXMK6i3qSikNoNhjgs+BvZHojMAG8aBRRd7x4p9YpP+SeepQOELRLlZZciNT/qMF4jlHQDI
 	9xX0/mJC2LuCPEiyZFy+HaaSy1CvdNs4aUxxWKHDcabIn/M4f/2P3yI5LDwGupCWCo4zS0k75cGGbg
 	5OLjm4zEt7p/mpxSV+NSlFyQ1Ykb+QZCOhoC+lFXgNSufuzhYP4jgSjzTr1qg4iidirXUAfvtCqHG+
 	1VelzItlIBtMivnRFxjAAH/QD93jkXPD/1ot71emCxpZFNGdaEZaf18CcrGKkzV4ZZpGnHFAbQSrH9
 	YlNxcBUVHoO7QlI+Jyt9tnB0mHni+egZzF9/Tfm+kBXdxsgYqdqd/F9kUfnYLeM+mVFB9ztkx7FTrl
 	ZPJvSzAzO+7wP/mhxL7sgjVRFXfwxbvIghjbWgwt+7r+ASyP8RoFm14fGPv4mSLyrW2dN0+bT8M0L8
 	adpcrGJAE7wybVY2wc3MvrnLeKImDH22SU03cTjfTPpgSHDECiTqHLkqYAew+uiY+byrXSCJSpLG5G
 	YhBo5qWe4sxS1BObADXZtq2ETcleXi4DkbqMvot4LNZK23z+vVJ5Pp8iLuCariOnXnJByQHYANGHLJ
 	dL68nBjWsUYz3vYbvVMyuZ4oitkpXF7zKnuUGAQH1audrvq0VDr3eU2pjkagf2dhAGYX8CK7HV85OA
 	i0pPqvBVB25q1uAzbKpRPlwJ3goRWFOhDhNmHuih68c7eWHGMtHZQ0vnDPhtWW3R3y74QaWLwW1sG8
 	yS9dnHkcG08Wrj1+D+YEISFKDiaglY2ohaCCAPwCYRX4236wiJF66RPS24ssMxdehtI2f/388JpB3I
 	VGlpNK50PYIFclggY0OF1UzKj7XxBr30/vkkw349R53cadW+/HEpMy0sQWQPLubaAFHio7pDAq0S2p
 	sbf7JRaysJnSf1zn4NOEbNClcHoI9N3MisbfCCROUOOxNuL3Xk6dVquAJphoG37dov6uMRf4/Tn/Ot
 	SpNKiP+bM502wp+Ny851yGDVT4ru0y7mkBu8zcP52vKpxrMgyulQTuIrL9PixKA1fv8uOocvBt8mzH
 	KhUs7x5okVrwTIcxKDMqwWL0fG7m+CekVHYzz1/ZXu2R3NxLhoi4PIXjZmgTFNkQ3HCsjJ3pK20UEh
 	4bm3khV4PnNqjbFUGgkgh5P9/OrlsXMsbaZvOkQuZYmjk4k5aHxBsNwMe+gEF7XCRIX5EJainF6Wxq
 	9lsA5U2PYtUZj72WlbvGIbLPmtPgN1HEHP10ReJRqKlPyN85ke6lAbJffo6OS6nqJvR/eU0YgZLZbk
 	K2cLpdCyikkSdIeyI0kDZlpaMAWrUAf7nH9T4DkMBaSFfvdJq7wSLYPTNxhu7/SYY1RuAJM1FcTBLa
 	yG/hwdGlgzJTzcmX+lxj5WhszNTK3biH0uoQcqJy3qa0tBK28mRkTufPVX2MZ/O2WHVWjgcJcvwE46
 	+8LMmB9u9L58E0AyNnr/RzoRLZ/I3Iv9sufuLUZv7tG5mMbnOcdy1PMhXeJ88fR3amuscC6V7zqA/6
 	ufQGJUGzU6qUvZVBjd9syA0dQKNMeF2Yew9wY1ykosGeWxbe9eeN1JNf0o6IVKqiPba9cRMtXFvrkw
 	9uXGubQmfPITsjWqr8OJ5EOkyfGn7LyVrbtuFCbRmNrCFlBoJQSvbedXBbU4TCt93ocTLlKVuHnjMe
 	RxLs/lhhWVRMEl6prlmcxiqPv2wfSFn9WG12k8322Xm5LTRmaTEmaeSKO41uhOLwVrdY7bvDKf4fgQ
 	skxtHPQEu3ZzUOT6n83llu/+x7bJADSWwf//+14NBmhAitkSdcxAiDKs6sSsAKU1P2JFnWlBCPiHxw
 	SO2LmKUyVFI/nO5j4ps2N+D0HkSRt/aZSfc94/utSJB4qDG6SfVTL1tv4Np33yCbpvFB4QBnrQsmiy
 	NSLQy0w85LMOAYYwb4oYlyMUe8H7nR1UtLDsR6YyxP35beXtOMrjiudQ+BVNlrCwoanNHdXuTP/TLR
 	Z+B4bprqreSmu4IedVHQvOqTIRr0MFCGZ9jpPYFTIrjpvM7Dr6xLkOOEILZmPmvvcBuwDc9qIKR+8G
 	XCQTQKxtQ237su/WuhrFzCxfOiQIRwSlVFXN/amf70Wvpe4ScmkfFxdTNYf7X9whFthwzfluU2X+Dm
 	mfj9TMtlLo2W3eV+1EBeVzCZxudwOyVgG5s600sDSKV1uXwYYAM0CBlQy0BEWS+NqWRIY3J0RMd8oo
 	KgMsS+B+fvmKptx00j05EeKgeJweY6mE6cC4KJ08AuDD8hEHgcvAOLA/waAyyvfwujXZBeFwFco6Gh
 	uCc9ZiCzfpQiNBNSQFSlroS9n1HIFbIKVqt+LXTyn0kY7i+zuI8sD4VGiywBcrjpsAjpoVyi7+R2Qz
 	y4PM7jnGGrZm56EZ9/CipRiFJ6izch9s5Ndq2sEij6Pawn1UVob1AmxrSZ3CRjCFmmXqI54nHZlPTB
 	Kt9pfFimW0d4H0EpCLUhSOHKgurzngbcVcyoZ9NnZzwaNw+6dfoXE1Ao5BeNI8zaCeJ2/DeybuJpjx
 	2TzLA2T6835AXMsPSns6jAkC6gHjguZAjI2bRQXH+b3dYe4HZGXfqAaKfx0BQVt/yLWeiMkUtu9eed
 	qTxIIv0f/8Kdr8YJRrzovHbRFzWMLoNOFNOVvlT0sxSgBI5MNoVO34RsoFLy/9Hnb+ZV/ZwVMm8AMC
 	ikXZDS/8GrL3NxtTBWEk40YUEhgEQZSarD3wdQIgKOwNrRGVVi+zPZtuqdougO0pc0r2Ip7KTVErYJ
 	lc8YZM+Y5ClPXNf7GfBXMTmSeWhmZNASBMY2l8XcwuKnKnBU9+BgvYsijtlKSe9xfXxrcyyFsX4IsI
 	17ZfIFDHAgUhh9/QGOXgRo9lIsl+Own3cfNtTBBNWxZCcbGV75ksrpa3fAbAVDLZfMCBxB5KAjCdnc
 	8TACVghyVU5DFHBbhiYPtD2ZE02dTMIt2gDoSEFzO8b+IFJ5abqyeUyWg5inC9CR4lAS3+swnAerxn
 	or3mhWPJAnIqCZ9b6ZzBCB4wKeZp64+ydv4G+QhDnqQjgLs8EgMCU2vBCbfuORkIuUhLI6S/++PKUm
 	kzdqQFQ42huadmaAeKEQ5icuO0X1HllrOIdMjnp7TBxcvtvSPeDz6i7Au2H2i8nAbqpT9NRWoFrwjp
 	JJTbQ32rEwmATaNhL/wtWw+q4dlDqhjjm7WtoevQkMLrHXJgNR+CPpInZAetNTHy7SbPr2F2dlWbzi
 	1ekg6Cs/coqW+9Y+BOn4N0EQ99+kqrSg7wiT06FNeIG1DMs1NCEeNSMpMFUvkWQXhdXSsQ9uMxlt3f
 	7epX4+LJXlryCDjjCP15lAI2ixibY3iMkGkYoYoHAAog8sxbHPW6FvWBw1yqS5E5SiiOXAwXALyG+T
 	qfnDuVV2Qvkdrn2Ddr21yFIiStCLzjoLrhZvQ9OKQwEKkcv8yKAX9JClrpons055UJ+BqDHo71COoc
 	l98kWzvxReB/dGPgInKNsRMVAP1xxOxN0vaA9KAi2eyRw9r4RfT+JGB9N10+nmHtQB3IKeRBe6vAuo
 	a3EyDIP59IKOVr+/1HRGBV/P0gYncboF+joSKoA5C8umrRgVVSV77wlOTll7hJsIbKHrUzv2EQZsWy
 	F4bfGGsWfHhBmIR79u1InD7sLctBYUakZK5Ds8+Oe4pgc36XZLRB7E82WFK83gEcJR89l21x0dFpLm
 	FmNdymJFKLmgIsQ84qzSKEjgbOvPg3rESaqr52JKDpG6NnneHyVPNfWvQwfK4FfelmjAdOcjZk7/PP
 	rh0gu3PzIZGVPY/JyxZG6OVGDDoCxMjX7+7/HtzTgzSxaEKLzbYjScUSj6cnXHU2ai0wAN7WLHW86V
 	UWosraNRTpWxstb2qNRXLiiW6+Sg3moy9u4u6GKZYg7kh2GtcQqbcSj9Fk4BrLMmAYoIHiffbznrSM
 	5Q4sGhuLGg0jkmaGtiDrXIfiKz0F7MrULRFio1UXABuHRKYjylIxKonM19oimsvZl7Xlh7PFtv3vLf
 	5xQzVFFgQuWxjIsQEbExZ/DRvJwAhMsBDrmMHffgBKRes+85AX9Z+1HD3J5JDgxHFAiZhFjGatMdkQ
 	oqesWde1bT/3CbzhdsXmyclilWAYeRaFkBKeTX3FFnYjulhjq3WsZbBdUbKZCylnqOm252jTL9AbGn
 	0F806UokqwdNVMKbWjeS8++UJu1MCBV56yYi00Buim93gh29jDRsnhvpu+62Oka767zFZUp+2qD2+8
 	AZnFXscbgmP4MKdEwJTLSWKjnGzPvy3QjLdIokZgV37Bw+qCFoLOMFB/YtoQLJj+Ha75b1BlaQquNk
 	Wthd0HdInI8Iop0flewFC5a2IPP1aNzO8c9dzMzHo/onMsGgw06pQUA1dadwFN4nvIYsfrZkJecWUT
 	bZw4Bug1FwM7Q7ZCybaWMm2fuWkguz/+m5fLKe2MnWzU4lkR2KmOck5pQZ4/z/0Ho4Aj5g3247TCEA
 	z4n7arygq4AAopPrLQqlHB/euZnLWSdqXgn6HFrb3xc0zXvvoAJlHkerVNjHyzGfRmcKZgAP7Ri3pJ
 	IzSY5+3EKlbIuDMmcb2L3Rkv0vtrcRJ2eF4NojvGQaskR61TPvBJp9pd2uS9Pn+zgqCZyhPusI6DTN
 	qkIqa8UkygFKSkb6az87U4gf0k1NUyYXYZMJ8wTXutLPN7jgLbS5rnE0bH9i14keMsxA+DOFFnYizo
 	XjVU4wUEZMxg15QDe8JiizplqxBy/qfXT/E7SRGyQMQKNL0CQXaCgZ0vSisGYVlSGZph2D7YNImYCg
 	G9/C/anVfuwdyH8uk/ifVeL3FJoNmbdZb//rzSZZTPPHVvjZfSCb2ixIfrmKJ6/NLjIvRLMNaUfPP/
 	nagMn4H62TU2aCSICr5IpRs//TCf3lSJWxe7e4qftnD6PsSzqgW3WCSeJfI3uBz6s57TdYKMJExYJW
 	LU/uBALT2dikWU38fxVQ0HxGE6Ea3F0KbU6QPwE9TYn73NdiwkAjJF4oU2ACMYsxepXkjNpspwVkTJ
 	r/A6tc7hHT8ODF2kpX8YdElCgbUUdEnluPobuKZB2nLpRf31+PuWCRHeZcbwurudTS3Os/SHwFZ6ud
 	VXfQ3mZ+S8tgwLR5ZNAF7/6w2xURck6jXXFUpwtQ2KXHeFLCzVX1GqCbsWFbHYVvzy2Vfql1Sz/l38
 	eteTvJa8E2oC01nanhsVM3RsnN1fgqr/QQalxCr7YAEmSN1rsCmwppwjvaopbbcGqhfpIe+LVOTcYm
 	8e7sFwmuhwKvDsRy4I3r/qP7SQxPNao13SGfUKiDMwm0tKGP+siqUKx9YwJg1KYPsLSiCTDw5drsxx
 	4LuG+7Wxy69+zwGu2/I5SMgV5lIgIA3NrdqIpc91CAupDxNfADfN7GQdoq7Rx6OVP7MLdJbV48obpv
 	K9ydtqVg/mkKVIOMYkV24t+4wxnhfmK916yhYtCRJ25o8jR/AtMvJvlkNKtxFguT32g4ZpoRzSdZ75
 	9uOARNSOZGPczQamBLghqer3nqfpj9os4Z+uTNi4w9ZYRnyNVKvKTVK6AFebRY5HgHV+WzSDZmMTha
 	Qk+GL8ygqCeVuNCDEQB99UDiNXwkSIMtofjs6UlTezJbXh1O/8irBjRnz5kpeTNyR79LnFIsV4S4Pa
 	fEPqHvcZOpoFWQxgxeFkNw4Rld5hLYS7vsdOcWRUMPKjzXtceB+I/Rf0hwiHIdkMnH1B57ZkWutaMS
 	6yTYgHIMQF3WfpRnujpZKyMtJvHAQSmpgQS7QaC7frq6aiLHgx8co4AN8KJKGNTgE25TJJWmA0PrTq
 	TkIlf1dW8QutlXv8HCV0IdcMLTemoGnWpsskYjzdePBLW9SbbBAonLQyoF3UANrJcQyauVdEkmGu1O
 	Y4j/Fy2P/GtJGCb7v1bFebkrjiEkwQl+vLNlbefe+9agGoAc4kWbRf+UkaaBpCAM/JcOtK/+gFtECW
 	wymMnw4tXiL9PTV9tsNejEXehbEEPeIJNlktu0t3Hvcr/jSvnjHkekPh51I/shAL6Xw==
 X-NCJF-Version: 11
 Authentication-Results: asp-relay-pe.jellyfish.systems;
 	dkim=pass header.d=lists.sr.ht header.s=srht header.b=gG5ThG2j;
 	dkim=pass header.d=belanyi.fr header.s=key1 header.b=QHKNwBPL;
 	dmarc=pass (policy=reject) header.from=belanyi.fr;
 	spf=pass (asp-relay-pe.jellyfish.systems: domain of [email protected] designates 173.195.146.151 as permitted sender) [email protected]
 X-TUID: gwaFMZ7NQCYy

 Hello,=0A=0AOn Mon, 12 Apr 2021 19:08:32 +0200=0AReto <[email protected]>=
 wrote:=0A> Why do you need this in the first place?=0A> Your user has re=
 ad access, why do other users need to read the config?=0A=0AThere have be=
 en multiple issues relating to this check: [1] and [2].=0A=0A> I don't th=
 ink this is the right approach, this is way to brittle.=0A> The code that=
 actually adds new auth schemes doesn't life in this=0A> function and cha=
 nces are this gets missed once a new scheme is=0A> introduced. Meaning we=
 now have a security problem waiting to happen.=0A=0AI only added the pat=
 h about auth schemes because it was brought up=0Asomewhere (I cannot find=
 the link anymore).=0A=0AWhat if instead we only deactivate the warning w=
 hen only `*-cred-cmd`=0Aoptions are used? =0A=0A[1] https://lists.sr.ht/~=
 sircmpwn/aerc/%3CC1HLQYU8QSUI.3GYFQ9WJOH7H6%40ginger%3E=0A[2] https://lis=
 ts.sr.ht/~sircmpwn/aerc/%3CC0KLIH5UWE2G.LPUOBCRVFD5S%40wrt%3E=0A=0ARespec=
 tfully,=0A=0A-- =0ABruno BELANYI
	Return-Path: <[email protected]>
	Delivered-To: [email protected]
	Received: from DIR-01 ([10.50.14.191])
	by IMAP-30 with LMTP
	id SEIgN82IdGBRewAAlCQnSQ
	(envelope-from <[email protected]>)
	for <[email protected]>; Mon, 12 Apr 2021 13:52:13 -0400
	Received: from MTA-01.privateemail.com ([10.50.14.11])
	by DIR-01 with LMTP
	id QKoBN82IdGCpWAAA6Rt3mQ
	(envelope-from <[email protected]>)
	for <[email protected]>; Mon, 12 Apr 2021 13:52:13 -0400
	Received: from asp-relay-pe.jellyfish.systems (unknown [10.20.151.203])
	by MTA-01.privateemail.com (Postfix) with ESMTP id D70C460D6B
	for <[email protected]>; Mon, 12 Apr 2021 13:52:13 -0400 (EDT)
	Received: from mail-b.sr.ht (mail-b.sr.ht [173.195.146.151])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by asp-relay-pe.jellyfish.systems (Postfix) with ESMTPS id 4FJxBz33k9zBrLc
	for <[email protected]>; Mon, 12 Apr 2021 17:52:06 +0000 (UTC)
	DKIM-Signature: a=rsa-sha256; bh=iyMVzEJLAqNXBM7RW4ncCHY+XSOV6erdu8YMbzVsOus=;
	c=simple/simple; d=lists.sr.ht;
	h=Date:From:Subject:To:Cc:In-Reply-To:References:List-Unsubscribe:List-Subscribe:List-Archive:List-Post:List-ID;
	q=dns/txt; s=srht; t=1618249925; v=1;
	b=gG5ThG2jlHtVadsTOzorgWqABNnElLK+9azFNCV/sbDU65ixfBY53WwU3s0UrNDk6SgEI4PD
	heNT/SyVcu67fwmyYKV5VJn6pjPPPJGofuIOB7wP8+qW6tiFz+hsoM96FxjIS22pqa996jJBSEg
	QfnTcY+I04M1tetSkNsS9yREq/PBDt1aedspYtg3ocTYW6ucgu2lT6t7bP1Eu39D+iJyj3013Kg
	cFNC/esS1FzZ8BkhNhvQ+ocJlvEgoLcVlgYZgWNVx/V42lLGnnPM0oG7sseMKeAh2xLfhRp2z8d
	u061MiTkmVfKzKShwNg34mwp4m+fpyA9j7hBSAqrDcU9Q==
	Received: from lists.my.domain (unknown [173.195.146.144])
	by mail-b.sr.ht (Postfix) with ESMTPSA id 9761411EF3B
	for <[email protected]>; Mon, 12 Apr 2021 17:52:05 +0000 (UTC)
	Received: from out2.migadu.com (out2.migadu.com [188.165.223.204])
	by mail-b.sr.ht (Postfix) with ESMTPS id 6BCA211EF3B
	for <~sircmpwn/[email protected]>; Mon, 12 Apr 2021 17:51:43 +0000 (UTC)
	MIME-Version: 1.0
	DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=belanyi.fr; s=key1;
	t=1618249901;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:
	in-reply-to:in-reply-to:references:references;
	bh=iyMVzEJLAqNXBM7RW4ncCHY+XSOV6erdu8YMbzVsOus=;
	b=QHKNwBPL3xHAk1menTBsXY2WANbGKZXkfeYAM/oWyzIRVw+Y1Mvn3ELb6tN4rjjYSrbsg9
	WYvWKlXou54hP+eeF21FROz63SrVd2WuAjE2E0+Mbp4yeRzZX264WfmpEFnJZv0m2QhKFM
	8YEMtsRCJZpKlYIZuybNaoPD28IBJaWjAn3NlanlC/iScdxM/TMPpCowM6l9m4aI2paLJ3
	f/96iA+S/XdFdFNPw25dlsBSTIleckvsCi2YddmJqiKDQrYe0ycWCQxO9tG3S0SmZSFFx6
	TthefIKA1RrAsIzYPqfCY06galFNYlrbctIy402utbL6Pxspup7vkPgVKu5HIg==
	Date: Mon, 12 Apr 2021 17:51:41 +0000
	Content-Type: text/plain; charset="utf-8"
	Content-Transfer-Encoding: quoted-printable
	X-Report-Abuse: Please report any abuse attempt to [email protected] and include these headers.
	From: "Bruno BELANYI" <[email protected]>
	Message-ID: <[email protected]>
	Subject: Re: [PATCH] show perms error only if config contains secrets
	To: "Reto" <[email protected]>
	Cc: ~sircmpwn/[email protected]
	In-Reply-To: <[email protected]>
	References: <[email protected]>
	<[email protected]>
	X-Migadu-Flow: FLOW_OUT
	X-Migadu-Auth-User: [email protected]
	List-Unsubscribe: <mailto:~sircmpwn/[email protected]?subject=unsubscribe>
	List-Subscribe: <mailto:~sircmpwn/[email protected]?subject=subscribe>
	List-Archive: <https://lists.sr.ht/~sircmpwn/aerc>
	Archived-At: <https://lists.sr.ht/~sircmpwn/aerc/%3C40e59e08e08936ec9737bd16c9f96e70%40belanyi.fr%3E>
	List-Post: <mailto:~sircmpwn/[email protected]>
	List-ID: ~sircmpwn/aerc <~sircmpwn/aerc.lists.sr.ht>
	Sender: ~sircmpwn/aerc <~sircmpwn/[email protected]>
	X-NCJF-Result: WNfIJ0NWq2j7YZq0COq14tpTNqS4x/3m9ZQOl/PT1zmVEv5fvNgAp5NVSbvAmX2
	octypT4ehhAgMzxXrLq34VKpahHmij+6JtJdpZ3scF94lu2SUbCG1RDmBAJRuuAFwHxZp2Z84PPQn1
	sQOZYQMaBDjb3uuZzrCi2FsmCk+Io41D84YTRt6hLCTP3NuOp6d5uIOD7/EzrtCohLtqy2PJ0hheS6
	xoZHSFPy1aIi0zKDXNBdjPd59SR0lGE0tFFeigUZWUunJqQOo93JGOsA9RYyejQObR40EFQbF95X/g
	2S6TuGg0ydVh2NQG9dYrObKa5ZmgqyJwMMmfNgxhn7utMPRhQ9pooGCz2soJI7cJCTy3D8ndNBd0Cj
	u/gB8mXLZAHpv6eiEcwkTXjp+shNzn7hQUwCYED6n8uLRZsbMg3WFJn/Rm++3HuTok2pbKKq/2nMnO
	3f9OumzfXMK6i3qSikNoNhjgs+BvZHojMAG8aBRRd7x4p9YpP+SeepQOELRLlZZciNT/qMF4jlHQDI
	9xX0/mJC2LuCPEiyZFy+HaaSy1CvdNs4aUxxWKHDcabIn/M4f/2P3yI5LDwGupCWCo4zS0k75cGGbg
	5OLjm4zEt7p/mpxSV+NSlFyQ1Ykb+QZCOhoC+lFXgNSufuzhYP4jgSjzTr1qg4iidirXUAfvtCqHG+
	1VelzItlIBtMivnRFxjAAH/QD93jkXPD/1ot71emCxpZFNGdaEZaf18CcrGKkzV4ZZpGnHFAbQSrH9
	YlNxcBUVHoO7QlI+Jyt9tnB0mHni+egZzF9/Tfm+kBXdxsgYqdqd/F9kUfnYLeM+mVFB9ztkx7FTrl
	ZPJvSzAzO+7wP/mhxL7sgjVRFXfwxbvIghjbWgwt+7r+ASyP8RoFm14fGPv4mSLyrW2dN0+bT8M0L8
	adpcrGJAE7wybVY2wc3MvrnLeKImDH22SU03cTjfTPpgSHDECiTqHLkqYAew+uiY+byrXSCJSpLG5G
	YhBo5qWe4sxS1BObADXZtq2ETcleXi4DkbqMvot4LNZK23z+vVJ5Pp8iLuCariOnXnJByQHYANGHLJ
	dL68nBjWsUYz3vYbvVMyuZ4oitkpXF7zKnuUGAQH1audrvq0VDr3eU2pjkagf2dhAGYX8CK7HV85OA
	i0pPqvBVB25q1uAzbKpRPlwJ3goRWFOhDhNmHuih68c7eWHGMtHZQ0vnDPhtWW3R3y74QaWLwW1sG8
	yS9dnHkcG08Wrj1+D+YEISFKDiaglY2ohaCCAPwCYRX4236wiJF66RPS24ssMxdehtI2f/388JpB3I
	VGlpNK50PYIFclggY0OF1UzKj7XxBr30/vkkw349R53cadW+/HEpMy0sQWQPLubaAFHio7pDAq0S2p
	sbf7JRaysJnSf1zn4NOEbNClcHoI9N3MisbfCCROUOOxNuL3Xk6dVquAJphoG37dov6uMRf4/Tn/Ot
	SpNKiP+bM502wp+Ny851yGDVT4ru0y7mkBu8zcP52vKpxrMgyulQTuIrL9PixKA1fv8uOocvBt8mzH
	KhUs7x5okVrwTIcxKDMqwWL0fG7m+CekVHYzz1/ZXu2R3NxLhoi4PIXjZmgTFNkQ3HCsjJ3pK20UEh
	4bm3khV4PnNqjbFUGgkgh5P9/OrlsXMsbaZvOkQuZYmjk4k5aHxBsNwMe+gEF7XCRIX5EJainF6Wxq
	9lsA5U2PYtUZj72WlbvGIbLPmtPgN1HEHP10ReJRqKlPyN85ke6lAbJffo6OS6nqJvR/eU0YgZLZbk
	K2cLpdCyikkSdIeyI0kDZlpaMAWrUAf7nH9T4DkMBaSFfvdJq7wSLYPTNxhu7/SYY1RuAJM1FcTBLa
	yG/hwdGlgzJTzcmX+lxj5WhszNTK3biH0uoQcqJy3qa0tBK28mRkTufPVX2MZ/O2WHVWjgcJcvwE46
	+8LMmB9u9L58E0AyNnr/RzoRLZ/I3Iv9sufuLUZv7tG5mMbnOcdy1PMhXeJ88fR3amuscC6V7zqA/6
	ufQGJUGzU6qUvZVBjd9syA0dQKNMeF2Yew9wY1ykosGeWxbe9eeN1JNf0o6IVKqiPba9cRMtXFvrkw
	9uXGubQmfPITsjWqr8OJ5EOkyfGn7LyVrbtuFCbRmNrCFlBoJQSvbedXBbU4TCt93ocTLlKVuHnjMe
	RxLs/lhhWVRMEl6prlmcxiqPv2wfSFn9WG12k8322Xm5LTRmaTEmaeSKO41uhOLwVrdY7bvDKf4fgQ
	skxtHPQEu3ZzUOT6n83llu/+x7bJADSWwf//+14NBmhAitkSdcxAiDKs6sSsAKU1P2JFnWlBCPiHxw
	SO2LmKUyVFI/nO5j4ps2N+D0HkSRt/aZSfc94/utSJB4qDG6SfVTL1tv4Np33yCbpvFB4QBnrQsmiy
	NSLQy0w85LMOAYYwb4oYlyMUe8H7nR1UtLDsR6YyxP35beXtOMrjiudQ+BVNlrCwoanNHdXuTP/TLR
	Z+B4bprqreSmu4IedVHQvOqTIRr0MFCGZ9jpPYFTIrjpvM7Dr6xLkOOEILZmPmvvcBuwDc9qIKR+8G
	XCQTQKxtQ237su/WuhrFzCxfOiQIRwSlVFXN/amf70Wvpe4ScmkfFxdTNYf7X9whFthwzfluU2X+Dm
	mfj9TMtlLo2W3eV+1EBeVzCZxudwOyVgG5s600sDSKV1uXwYYAM0CBlQy0BEWS+NqWRIY3J0RMd8oo
	KgMsS+B+fvmKptx00j05EeKgeJweY6mE6cC4KJ08AuDD8hEHgcvAOLA/waAyyvfwujXZBeFwFco6Gh
	uCc9ZiCzfpQiNBNSQFSlroS9n1HIFbIKVqt+LXTyn0kY7i+zuI8sD4VGiywBcrjpsAjpoVyi7+R2Qz
	y4PM7jnGGrZm56EZ9/CipRiFJ6izch9s5Ndq2sEij6Pawn1UVob1AmxrSZ3CRjCFmmXqI54nHZlPTB
	Kt9pfFimW0d4H0EpCLUhSOHKgurzngbcVcyoZ9NnZzwaNw+6dfoXE1Ao5BeNI8zaCeJ2/DeybuJpjx
	2TzLA2T6835AXMsPSns6jAkC6gHjguZAjI2bRQXH+b3dYe4HZGXfqAaKfx0BQVt/yLWeiMkUtu9eed
	qTxIIv0f/8Kdr8YJRrzovHbRFzWMLoNOFNOVvlT0sxSgBI5MNoVO34RsoFLy/9Hnb+ZV/ZwVMm8AMC
	ikXZDS/8GrL3NxtTBWEk40YUEhgEQZSarD3wdQIgKOwNrRGVVi+zPZtuqdougO0pc0r2Ip7KTVErYJ
	lc8YZM+Y5ClPXNf7GfBXMTmSeWhmZNASBMY2l8XcwuKnKnBU9+BgvYsijtlKSe9xfXxrcyyFsX4IsI
	17ZfIFDHAgUhh9/QGOXgRo9lIsl+Own3cfNtTBBNWxZCcbGV75ksrpa3fAbAVDLZfMCBxB5KAjCdnc
	8TACVghyVU5DFHBbhiYPtD2ZE02dTMIt2gDoSEFzO8b+IFJ5abqyeUyWg5inC9CR4lAS3+swnAerxn
	or3mhWPJAnIqCZ9b6ZzBCB4wKeZp64+ydv4G+QhDnqQjgLs8EgMCU2vBCbfuORkIuUhLI6S/++PKUm
	kzdqQFQ42huadmaAeKEQ5icuO0X1HllrOIdMjnp7TBxcvtvSPeDz6i7Au2H2i8nAbqpT9NRWoFrwjp
	JJTbQ32rEwmATaNhL/wtWw+q4dlDqhjjm7WtoevQkMLrHXJgNR+CPpInZAetNTHy7SbPr2F2dlWbzi
	1ekg6Cs/coqW+9Y+BOn4N0EQ99+kqrSg7wiT06FNeIG1DMs1NCEeNSMpMFUvkWQXhdXSsQ9uMxlt3f
	7epX4+LJXlryCDjjCP15lAI2ixibY3iMkGkYoYoHAAog8sxbHPW6FvWBw1yqS5E5SiiOXAwXALyG+T
	qfnDuVV2Qvkdrn2Ddr21yFIiStCLzjoLrhZvQ9OKQwEKkcv8yKAX9JClrpons055UJ+BqDHo71COoc
	l98kWzvxReB/dGPgInKNsRMVAP1xxOxN0vaA9KAi2eyRw9r4RfT+JGB9N10+nmHtQB3IKeRBe6vAuo
	a3EyDIP59IKOVr+/1HRGBV/P0gYncboF+joSKoA5C8umrRgVVSV77wlOTll7hJsIbKHrUzv2EQZsWy
	F4bfGGsWfHhBmIR79u1InD7sLctBYUakZK5Ds8+Oe4pgc36XZLRB7E82WFK83gEcJR89l21x0dFpLm
	FmNdymJFKLmgIsQ84qzSKEjgbOvPg3rESaqr52JKDpG6NnneHyVPNfWvQwfK4FfelmjAdOcjZk7/PP
	rh0gu3PzIZGVPY/JyxZG6OVGDDoCxMjX7+7/HtzTgzSxaEKLzbYjScUSj6cnXHU2ai0wAN7WLHW86V
	UWosraNRTpWxstb2qNRXLiiW6+Sg3moy9u4u6GKZYg7kh2GtcQqbcSj9Fk4BrLMmAYoIHiffbznrSM
	5Q4sGhuLGg0jkmaGtiDrXIfiKz0F7MrULRFio1UXABuHRKYjylIxKonM19oimsvZl7Xlh7PFtv3vLf
	5xQzVFFgQuWxjIsQEbExZ/DRvJwAhMsBDrmMHffgBKRes+85AX9Z+1HD3J5JDgxHFAiZhFjGatMdkQ
	oqesWde1bT/3CbzhdsXmyclilWAYeRaFkBKeTX3FFnYjulhjq3WsZbBdUbKZCylnqOm252jTL9AbGn
	0F806UokqwdNVMKbWjeS8++UJu1MCBV56yYi00Buim93gh29jDRsnhvpu+62Oka767zFZUp+2qD2+8
	AZnFXscbgmP4MKdEwJTLSWKjnGzPvy3QjLdIokZgV37Bw+qCFoLOMFB/YtoQLJj+Ha75b1BlaQquNk
	Wthd0HdInI8Iop0flewFC5a2IPP1aNzO8c9dzMzHo/onMsGgw06pQUA1dadwFN4nvIYsfrZkJecWUT
	bZw4Bug1FwM7Q7ZCybaWMm2fuWkguz/+m5fLKe2MnWzU4lkR2KmOck5pQZ4/z/0Ho4Aj5g3247TCEA
	z4n7arygq4AAopPrLQqlHB/euZnLWSdqXgn6HFrb3xc0zXvvoAJlHkerVNjHyzGfRmcKZgAP7Ri3pJ
	IzSY5+3EKlbIuDMmcb2L3Rkv0vtrcRJ2eF4NojvGQaskR61TPvBJp9pd2uS9Pn+zgqCZyhPusI6DTN
	qkIqa8UkygFKSkb6az87U4gf0k1NUyYXYZMJ8wTXutLPN7jgLbS5rnE0bH9i14keMsxA+DOFFnYizo
	XjVU4wUEZMxg15QDe8JiizplqxBy/qfXT/E7SRGyQMQKNL0CQXaCgZ0vSisGYVlSGZph2D7YNImYCg
	G9/C/anVfuwdyH8uk/ifVeL3FJoNmbdZb//rzSZZTPPHVvjZfSCb2ixIfrmKJ6/NLjIvRLMNaUfPP/
	nagMn4H62TU2aCSICr5IpRs//TCf3lSJWxe7e4qftnD6PsSzqgW3WCSeJfI3uBz6s57TdYKMJExYJW
	LU/uBALT2dikWU38fxVQ0HxGE6Ea3F0KbU6QPwE9TYn73NdiwkAjJF4oU2ACMYsxepXkjNpspwVkTJ
	r/A6tc7hHT8ODF2kpX8YdElCgbUUdEnluPobuKZB2nLpRf31+PuWCRHeZcbwurudTS3Os/SHwFZ6ud
	VXfQ3mZ+S8tgwLR5ZNAF7/6w2xURck6jXXFUpwtQ2KXHeFLCzVX1GqCbsWFbHYVvzy2Vfql1Sz/l38
	eteTvJa8E2oC01nanhsVM3RsnN1fgqr/QQalxCr7YAEmSN1rsCmwppwjvaopbbcGqhfpIe+LVOTcYm
	8e7sFwmuhwKvDsRy4I3r/qP7SQxPNao13SGfUKiDMwm0tKGP+siqUKx9YwJg1KYPsLSiCTDw5drsxx
	4LuG+7Wxy69+zwGu2/I5SMgV5lIgIA3NrdqIpc91CAupDxNfADfN7GQdoq7Rx6OVP7MLdJbV48obpv
	K9ydtqVg/mkKVIOMYkV24t+4wxnhfmK916yhYtCRJ25o8jR/AtMvJvlkNKtxFguT32g4ZpoRzSdZ75
	9uOARNSOZGPczQamBLghqer3nqfpj9os4Z+uTNi4w9ZYRnyNVKvKTVK6AFebRY5HgHV+WzSDZmMTha
	Qk+GL8ygqCeVuNCDEQB99UDiNXwkSIMtofjs6UlTezJbXh1O/8irBjRnz5kpeTNyR79LnFIsV4S4Pa
	fEPqHvcZOpoFWQxgxeFkNw4Rld5hLYS7vsdOcWRUMPKjzXtceB+I/Rf0hwiHIdkMnH1B57ZkWutaMS
	6yTYgHIMQF3WfpRnujpZKyMtJvHAQSmpgQS7QaC7frq6aiLHgx8co4AN8KJKGNTgE25TJJWmA0PrTq
	TkIlf1dW8QutlXv8HCV0IdcMLTemoGnWpsskYjzdePBLW9SbbBAonLQyoF3UANrJcQyauVdEkmGu1O
	Y4j/Fy2P/GtJGCb7v1bFebkrjiEkwQl+vLNlbefe+9agGoAc4kWbRf+UkaaBpCAM/JcOtK/+gFtECW
	wymMnw4tXiL9PTV9tsNejEXehbEEPeIJNlktu0t3Hvcr/jSvnjHkekPh51I/shAL6Xw==
	X-NCJF-Version: 11
	Authentication-Results: asp-relay-pe.jellyfish.systems;
	dkim=pass header.d=lists.sr.ht header.s=srht header.b=gG5ThG2j;
	dkim=pass header.d=belanyi.fr header.s=key1 header.b=QHKNwBPL;
	dmarc=pass (policy=reject) header.from=belanyi.fr;
	spf=pass (asp-relay-pe.jellyfish.systems: domain of [email protected] designates 173.195.146.151 as permitted sender) [email protected]
	X-TUID: gwaFMZ7NQCYy

	Hello,=0A=0AOn Mon, 12 Apr 2021 19:08:32 +0200=0AReto <[email protected]>=
	wrote:=0A> Why do you need this in the first place?=0A> Your user has re=
	ad access, why do other users need to read the config?=0A=0AThere have be=
	en multiple issues relating to this check: [1] and [2].=0A=0A> I don't th=
	ink this is the right approach, this is way to brittle.=0A> The code that=
	actually adds new auth schemes doesn't life in this=0A> function and cha=
	nces are this gets missed once a new scheme is=0A> introduced. Meaning we=
	now have a security problem waiting to happen.=0A=0AI only added the pat=
	h about auth schemes because it was brought up=0Asomewhere (I cannot find=
	the link anymore).=0A=0AWhat if instead we only deactivate the warning w=
	hen only `*-cred-cmd`=0Aoptions are used? =0A=0A[1] https://lists.sr.ht/~=
	sircmpwn/aerc/%3CC1HLQYU8QSUI.3GYFQ9WJOH7H6%40ginger%3E=0A[2] https://lis=
	ts.sr.ht/~sircmpwn/aerc/%3CC0KLIH5UWE2G.LPUOBCRVFD5S%40wrt%3E=0A=0ARespec=
	tfully,=0A=0A-- =0ABruno BELANYI