List-Managers: Security Problems

List-Managers
(March 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Security Problems
From:	Eric Klien <oceania @ enet . net>
Date:	Tue, 14 Mar 1995 11:02:14 -0700
To:	list-managers @ greatcircle . com

Hello,

I am working on changing the code of majordomo by hand to solve some 
major security problems with it.  The problems that I have are that 
1) anyone can post to the list by sending e-mail to list-l-outgoing 
and 2) anyone can get a copy of the list by sending majordomo telnet 
client 25, expn listname-outgoing even if I disable the who command 
in majordomo.  

Can anyone give suggestions on solving the above problems?

Someone suggested that I "have MajorDomo create a temporary copy of
the list each time a message is sent from the list".  How could I 
accomplish this?

Eric Klien
+---------------------------------------------------------------+
| Oceania: A New Country In Development ->  welcome@oceania.org |
+---------------------------------------------------------------+

Follow-Ups:

Re: Security Problems
From: Brian Behlendorf <brian@hyperreal.com>
Re: Security Problems
From: Tim Pesce <tpesce@well.sf.ca.us>
Re: Security Problems
From: Dave Barr <barr@math.psu.edu>

Indexed By Date	Previous:	New to the list From: "clements@xmission.com" <clements@xmission.com>
Indexed By Date	Next:	Re: Security Problems From: Dave Barr <barr@math.psu.edu>
Indexed By Thread	Previous:	New to the list From: "clements@xmission.com" <clements@xmission.com>
Indexed By Thread	Next:	Re: Security Problems From: Dave Barr <barr@math.psu.edu>