From 03993708d4d1fb327f102f45d7aa4e9c4fa8237b Mon Sep 17 00:00:00 2001
From: Eli Schwartz <eschwartz@archlinux.org>
Date: Thu, 10 Jan 2019 11:38:38 -0500
Subject: [PATCH] preferences: disable pEpAutoDownload by default and avoid p=p

Distributions should not automatically download this untrusted code;
should be opt-in by users or be packaged separately.

Additionally, we are an advanced distro and should generally avoid p=p
in favor of the user's PGP keys. Moreover, p=p is undocumented and seems
to lead to unintuitive use of the wrong PGP keys in new installations.
---
 package/prefs/defaultPrefs.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/prefs/defaultPrefs.js b/package/prefs/defaultPrefs.js
index d5ca1249..f7ddc864 100755
--- a/package/prefs/defaultPrefs.js
+++ b/package/prefs/defaultPrefs.js
@@ -14,7 +14,7 @@
 // 0: force using Enigmail
 // 1: automatic mode (use pEp if Enigmail and S/MIME are not configured for any identity)
 // 2: force using pEp
-pref("extensions.enigmail.juniorMode", 1);
+pref("extensions.enigmail.juniorMode", 0);
 
 // the last configured Enigmail version
 pref("extensions.enigmail.configuredVersion", "");
@@ -204,7 +204,7 @@ pref("extensions.enigmail.warnDownloadContactKeys", true);
 pref("extensions.enigmail.wrapHtmlBeforeSend", true);
 
 // automatically download pepmda if it is available (without askin user)
-pref("extensions.enigmail.pEpAutoDownload", true);
+pref("extensions.enigmail.pEpAutoDownload", false);
 
 // holds the last result of the last check for pEp updates
 pref("extensions.enigmail.pEpLastUpdate", 0);
-- 
2.23.0