> I keep seeing comments to the effect that the which command is dangerous
'Which' is very useful and dangerous at the same time. Regardless of what you
do about the dangers, there should be a convenient way for list-owners to use
'which' on the set of lists for which they're allowed to add and remove
subscr*bers (regardless of whether the lists are advertised or not).
> it away.) Is there anything else I can do to restrict 'bad' uses like
> sending 'which a' through 'which z'? Perhaps restrict the match to three
> characters or more (more for the regex match)?
Something like 'which @aol.com' needs to be disallowed, too. I'd suggest that
advertised lists can be configured as SENSITIVE or NON-SENSITIVE (the default)
with the semantics that someone who knows my e-mail address will be able to
find out to which NON-SENSITIVE lists I'm subscribed.
1. 'which' displays matches for lists which are nonadvertised or SENSITIVE
if and only if
a) the which request comes from the e-mail interface and the matched
e-mail address is equal to the e-mail address of the requestor.
or b) the requestor has list-owner privileges for this nonadvertised list.
2. 'which' displays matches for advertised NON-SENSITIVE lists if and only if
a) it is an exact match ('which nb@pobox.com' should always show all
NON-SENSITIVE advertised lists on which I am subscribed even if I'm
sending the request from another e-mail address and if there's a lot
of subscribers like xxxnb@pobox.com, yyynb@pobox.com, zzznb@pobox.com
or b) the which request does not match more than two addresses on any
single list on this server
or c) the requestor has list-owner privileges for this advertised list.
> Any other thoughts? (I'm redoing the internals of which at the moment,
> which is why I'm asking.)
If there were matches which Majordomo does not show for security reasons,
it should output something like:
"There were additional matches which are not shown for reasons of security
and privacy protection. If you have several e-mail addresses and you're
trying to find out to which lists you are subscribed with each of your
e-mail addresses, simply send which commands by e-mail. You can do this as
follows: From each of your e-mail addresses, send an email message to the
Majordomo address MAJORDOMO\@$whereami and send only the word WHICH as the
message body. Each of these which requests will be answered by an e-mail
message which lists to which lists that e-mail address is subscribed.
This procedure protects your privacy, because the output of that which
command is sent only to the owner of the e-mail address in question."
-- Norbert.
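The visibility rules proposed above (rule 1 for nonadvertised or SENSITIVE lists, rule 2 for advertised NON-SENSITIVE lists, plus the "additional matches not shown" notice) are concrete enough to encode as an authorization check. The following is an added illustration, not code from Majordomo or from the message author: it assumes a case-insensitive substring match (the way Majordomo's which compares addresses), a per-list SENSITIVE flag as proposed, and a constructed set of lists and subscribers; the Majordomo address in the notice is a placeholder.

```python
from dataclasses import dataclass, field

@dataclass
class MailingList:
    # Constructed model of a Majordomo list with the proposed SENSITIVE flag.
    name: str
    subscribers: list[str]
    owners: set[str] = field(default_factory=set)
    advertised: bool = True
    sensitive: bool = False   # a SENSITIVE list is handled like a nonadvertised one

MAX_PARTIAL_MATCHES = 2       # rule 2b: "not more than two addresses on any single list"

def which(lists, pattern, requestor, via_email):
    """Apply the proposed rules to a 'which <pattern>' request.

    Returns (shown, suppressed): shown maps list name -> visible matches,
    suppressed is True when at least one match was withheld, which is the
    trigger for the privacy notice.
    """
    pat = pattern.lower()
    requestor = requestor.lower()
    # Assumption: plain case-insensitive substring match on subscriber addresses.
    matches = {l.name: [a for a in l.subscribers if pat in a.lower()] for l in lists}
    # Rule 2b is evaluated across every list on the server, not per list.
    too_broad = any(len(m) > MAX_PARTIAL_MATCHES for m in matches.values())
    shown, suppressed = {}, False
    for l in lists:
        is_owner = requestor in {o.lower() for o in l.owners}
        visible = []
        for addr in matches[l.name]:
            if not l.advertised or l.sensitive:
                # Rule 1: only the address's own e-mail requests, or the list owner.
                ok = is_owner or (via_email and addr.lower() == requestor)
            else:
                # Rule 2: exact match, or the request is narrow enough, or the owner.
                ok = is_owner or addr.lower() == pat or not too_broad
            if ok:
                visible.append(addr)
            else:
                suppressed = True
        if visible:
            shown[l.name] = visible
    return shown, suppressed

NOTICE = (
    "There were additional matches which are not shown for reasons of security "
    "and privacy protection. To see the lists each of your addresses is subscribed "
    "to, send the single word WHICH from that address to MAJORDOMO@<your.server>."
)

def format_reply(lists, pattern, requestor, via_email):
    """Render the reply text Majordomo would send back (list name: addresses)."""
    shown, suppressed = which(lists, pattern, requestor, via_email)
    lines = [f"{name}: {', '.join(addrs)}" for name, addrs in shown.items()]
    if suppressed:
        lines.append(NOTICE)
    return "\n".join(lines)

# Constructed sample data mirroring the cases discussed above.
LISTS = [
    MailingList("cats", ["nb@pobox.com", "xxxnb@pobox.com", "yyynb@pobox.com",
                         "zzznb@pobox.com", "someone@aol.com"],
                owners={"owner@example.org"}),
    MailingList("dogs", ["nb@pobox.com", "alice@aol.com", "bob@aol.com", "carol@aol.com"]),
    MailingList("private", ["nb@pobox.com", "alice@aol.com"],
                owners={"owner@example.org"}, advertised=False),
    MailingList("support", ["nb@pobox.com", "bob@aol.com"], sensitive=True),
]

if __name__ == "__main__":
    # 'which @aol.com' from an unrelated address: everything is withheld.
    print(format_reply(LISTS, "@aol.com", "someone@aol.com", via_email=True))
    print("---")
    # Exact match on nb@pobox.com always reveals advertised NON-SENSITIVE lists.
    print(format_reply(LISTS, "nb@pobox.com", "other@example.com", via_email=True))
```

The per-server check for rule 2b matters: once a pattern such as "@aol.com" matches more than two addresses on any one list, partial matches are withheld everywhere, so a requester cannot work around the limit by targeting small lists one at a time. Exact matches and list-owner requests are unaffected, which is what keeps the command usable for the people the author says should have it.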