>BH> It is true that it will not prevent anyone from seeing specific
>BH> addresses. However, you would have to iterate over every single
>BH> alphanumeric string permutation to be able to identify all subscribers
>BH> of a list. Assuming that was a computationally reasonable thing to do
>BH> in the first place, the same could be done with mail to Majordomo as
>BH> well.
>
>I agree with all but your last assertion. Since it's possible to restrict
>which to an exact match (well, subject to aliasing and transformation) of
>the reply address (should we decide to do this), this completely prevents
>hacking since the hacker will never see the reply. The web interface has
>no such restriction, since it can't verify the address and presents its
>results immediately. The shell interface has the same problem.
It's worth remembering that the web interface can refer to a user
registration system that might have (for example) validated the requester's
email address at some recent point in time, etc.
Manar