Great Circle Associates Majordomo-Workers
(April 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: security of gen_cookie? (1.94a4)
From: Joe Pruett <joey @ teleport . com>
Date: Wed, 24 Apr 1996 17:09:47 -0700 (PDT)
To: majordomo-workers @ GreatCircle . COM, barr @ math . psu . edu 
i wrote the initial code, so i guess i should speak up.

$cookie_seed is supposed to be set in majordomo.cf.  it is taking the place
of $admin_passwd in your example.  yes, it is site wide.  yes, if someone
wants to really mess with you, they could try to find it and then generate
all the confirm messages to go with faked subscribe messages.  the code
was mainly a proof of concept, and has stopped all subscribe spammers at
our site for months now.
Indexed By Date Previous: Re: Misspelled administrivia
From: pdc@lunch.engr.sgi.com (Paul Close)
Next: Re: security of gen_cookie? (1.94a4)
From: Sean Kamath <kamath@pogo.WV.TEK.COM>
Indexed By Thread Previous: Re: security of gen_cookie? (1.94a4)
From: Dave Wolfe <dwolfe@risc.sps.mot.com>
Next: no-reason BOUNCE's?
From: Dave Barr <barr@math.psu.edu>
Google
 
Search Internet Search www.greatcircle.com