>>>>> On Wed, 16 Nov 94 16:01:21 GMT, sean@rednet.co.uk said:
sean> Is there a way to findout who is subscribed to a list under
sean> majordomo.
sean> In particular is there a way to stop a user getting at the
sean> other subscriber information.
I've seen a number of such requests come and go on this list, so
here's what I did. I added two new config options, "anon_who"
and "anon_which". Their purpose is to implement per-list privacy
options. Even list members can't do a "who list" if "anon_who"
is set, and "which other-address" commands skip lists with
"anon_which" set. In order that the list owner can still see
who's subscribed, I also made it possible to approve a who
request. This part is not clean, since the existing "approve"
code wants more arguments than a "who" command normally needs.
Thus, you wind up needing to do "approve PASSWORD who LIST ." or
somesuch to get the desired result. It's that wart on this that
has kept me from posting this earlier.
Anyway, appended are the relevant sections of diffs for my setup.
Your line numbers will almost certainly vary, since I have other
changes besides.
--spider
--
Spider Boardman spider@orb.nashua.nh.us
speaking only for myself ...!decvax!orb!spider
*** /local/src/majordomo-1.92/config_parse.pl.ORIG Mon May 9 14:34:06 1994
--- /local/src/majordomo-1.92/config_parse.pl Fri Oct 14 02:25:37 1994
***************
*** 77,82 ****
--- 78,85 ----
# otherwise the value is the default value for the keyword.
# if the value starts with #!, the rest of the value is eval'ed
%known_keys = (
+ 'anon_who', 'no', # anonymous list disallowing who
+ 'anon_which', 'no', # anonymous list disallowing which other
'private_get', 'yes', # must be on list to use get
'private_index', 'no', # must be on list to use index
'private_who', 'no', # must be on list to use who
***************
*** 157,162 ****
--- 162,173 ----
"If set to yes, then the requestor must
be on the mailing list to use the info <list> command.",
+ 'anon_who',
+ "If set to yes, then 'who <list>' commands will not be allowed.",
+
+ 'anon_which',
+ "If set to yes, then 'which <other-address>' commands will skip this list.",
+
'advertise',
"If the requestor email address matches one of these
regexps, then the list will be listed
***************
*** 340,345 ****
--- 359,366 ----
'private_info', 'majordomo',
'private_who', 'majordomo',
'private_which', 'majordomo',
+ 'anon_which', 'majordomo',
+ 'anon_who', 'majordomo',
'advertise', 'majordomo',
'noadvertise', 'majordomo',
'description', 'majordomo',
***************
*** 386,391 ****
--- 409,416 ----
'private_info', 'grab_bool',
'private_who', 'grab_bool',
'private_which', 'grab_bool',
+ 'anon_which', 'grab_bool',
+ 'anon_who', 'grab_bool',
'advertise', 'grab_regexp_array',
'noadvertise', 'grab_regexp_array',
'description', 'grab_string',
***************
*** 609,614 ****
--- 636,645 ----
sub handle_flag_files {
local($listdir, $list) = @_;
+ if ( -e "$listdir/$list.anon") {
+ $main'config_opts{$list,"anon_which"} = 1;
+ $main'config_opts{$list,"anon_who"} = 1; }
+
if ( -e "$listdir/$list.private") {
$main'config_opts{$list,"private_get"} = 1;
$main'config_opts{$list,"private_index"} = 1;
***************
*** 928,934 ****
sub grab_float {
local($num)=@_;
! return($num) if $num =~ /^[0-9][0-9]*\.[0-9]+$/;
return($num) if $num =~ /^$/;
push(@errors, "$num is not a floating point number at line $.\n");
return "";
--- 959,965 ----
sub grab_float {
local($num)=@_;
! return($num) if $num =~ /^\d+(\.\d+)?$|^\.\d+$/;
return($num) if $num =~ /^$/;
push(@errors, "$num is not a floating point number at line $.\n");
return "";
***************
*** 944,950 ****
"integer |$num| contains a ^A at line $.\n"), next
if $re =~ /\001/;
! push(@return_array, $num) if $num =~ /^[1-9][0-9]*\.[0-9]+$/;
push(@return_array, $num) if $num =~ /^$/;
push(@local_errors,
"$num is not an floating point number at line $.\n");
--- 975,981 ----
"integer |$num| contains a ^A at line $.\n"), next
if $re =~ /\001/;
! push(@return_array, $num) if $num =~ /^\d+(\.\d+)?$|^\.\d+$/;
push(@return_array, $num) if $num =~ /^$/;
push(@local_errors,
"$num is not an floating point number at line $.\n");
*** /local/src/majordomo-1.92/majordomo.ORIG Sun May 8 17:07:37 1994
--- /local/src/majordomo-1.92/majordomo Sun Sep 25 02:34:32 1994
***************
*** 379,384 ****
--- 379,387 ----
} elsif ($cmd eq "unsubscribe") {
&log("approve PASSWORD unsubscribe $clean_list $subscriber");
&do_unsubscribe($clean_list, $subscriber);
+ } elsif ($cmd eq "who") {
+ &log("approve PASSWORD who $clean_list");
+ &do_who($clean_list);
} else {
# you can only approve "subscribe" and "unsubscribe"
&squawk("approve: invalid command '$cmd'");
***************
*** 454,460 ****
--- 457,473 ----
# get configuration info
&get_config($listdir, $_) if !&cf_ck_bool($_, '', 1);
+ if ( &cf_ck_bool($list,"anon_which")
+ && ! $approved
+ && (! &is_list_member($reply_to, $listdir, $list))
+ && (! &addr_match($reply_to, $subscriber,
+ (&cf_ck_bool($clean_list,"mungedomain")
+ ? 2 : undef)))) {
+ # skip anonymous lists if requestor isn't a member or is snooping
+ # on someone else
+ next;
+ }
if ( &cf_ck_bool($list,"private_which")
&& (! &is_list_member($reply_to, $listdir, $list))) {
# skip private lists that the requestor isn't a member of
next;
***************
*** 503,509 ****
--- 517,529 ----
&get_config($listdir, $clean_list)
if !&cf_ck_bool($clean_list, '', 1);
+ if ( &cf_ck_bool($clean_list,"anon_who") && ! $approved) {
+ print REPLY "**** List '$clean_list' is an anonymous list.\n";
+ print REPLY "**** The 'who' command is not allowed for this list.\n";
+ return 0;
+ }
if ( &cf_ck_bool($clean_list,"private_who")
+ && ! $approved
&& ! &is_list_member($reply_to, $listdir, $clean_list)) {
print REPLY "**** List '$clean_list' is a private list.\n";
print REPLY "**** Only members of the list can do a 'who'.\n";
References:
|
|
