Evolution now uses webkit for html mail in 12.10. On launch, it tries to access the google-talkplugin. When looking at a certain messages in preview mode (a google calendar invite), it tries to launch /usr/lib/x86_64-linux-gnu/gstreamer0.10/gstreamer-0.10/gst-plugin-scanner. Interestingly, this is happening even though I have 'Only ever show plain text' configured in Preferences/Mail Preferences/HTML Messages (I do have 'Show suppressed HTML parts as attachments' selected).
This suggests that evolution:
- would gladly use plugins
- that javascript is possibly enabled (for the plugin finder)
- that the WebKit HTML renderer is being invoked even though 'Only ever show plain text' is selected
Webkit is an immensely powerful renderer and it is being used to render completely untrusted input from anyone who can send an email. We need to make sure that plugins and javascript are disabled and that the renderer is not being used at all when 'Only ever show plain text' is enabled (it could be used to deliver text/plain, but it seems that it is processing the HTML then discarding it). This would bring it in line with Thunderbird's policies.
I noticed this because I use AppArmor to confine evolution. Unfortunately in my situation, evolution hung on the message that invoked the plugin finder because the plugin finder failed to launch. I have rules now that will prevent the hang, but evolution isn't handling this error condition gracefully either.
This should be considered an important security regression.
@Mathieu: can you please have a look at this when you have a minute? Can we disable it for release?