>>>>> "S" == SRE <firstname.lastname@example.org> writes:
S> I wish there was a way to make sure they could see their OWN settings
S> with no risk that they could see someone else's.
For email users, this is the case. If they forge their address in the
email they send to Majordomo, the reply (with the user's settings) goes
back to the user whose address was forged in, not the person who did the
forging. Thus the forger gets nothing. mj_shell doesn't have that level
of security, but I'm leaning towards always assuming an address from
mj_shell is a forgery.
Confirmation always works, of course. And 'show' does confirmation in the
case of an address mismatch.
For 'who', if you want to show something, set default_flags to include 'h';
then, like mj2-docs, 'who' shows only names and is not harvestable.