On Wed, 11 Jun 1997 15:04:59 +1000 David M said:
>Yes they can have access to the resources that my password gives me but
>they should not know what my personal password is as I might use it for
>other purposes too.

I think what you meant is that you should not use your LISTSERV password for anything else because the administrator can easily intercept and review all incoming mail and find out what password you are using :-)

Quite a number of problems are due to people using the wrong password, using national characters in passwords that don't arrive the way they were sent, getting the syntax of PW= wrong, claiming they sent a password when in fact they didn't (for instance because they thought putting it on a line of its own after the last command was the way you do it), etc. Debugging this with all passwords hidden from the log would be difficult.

Conversely, an evil super-user who wants to listen in to some passwords just needs to insert a little filter in the 'listserv:' entry in /etc/aliases that appends the message to a file, and I'm sure even a novice administrator would know how to write that program; it's probably included in every perl book as one of the early exercises :-)

Since these passwords are sent by clear-text e-mail, you're just not going to be able to prevent administrators from finding out what they are. Maybe one day PEM will become widely available and the whole authentication scheme will change, but with plain text passwords sent over a medium that often bounces stuff to the postmaster (the postmaster being usually a bored student who figured this paid more than 7/11), you just have to accept that security is limited.

This is why there are options to disable password usage and force the use of the "confirm" mechanism. Alternatively, if the owner is on the same side of a firewall (or on the same machine) as LISTSERV, passwords are usually quite safe.

  Eric
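An added illustration, not part of the original message and not LISTSERV code: a log helper that masks the PW= value while still recording the failure modes listed above (missing or malformed PW=, national characters, a password placed on a line of its own). Only the PW= keyword comes from the message; the function names, finding labels and sample command text are constructed for this example.

```python
import re

# Only the PW= keyword is taken from the message above. Command words in
# the sample inputs are constructed placeholders, not real LISTSERV syntax.
PW_RE = re.compile(rb"\bPW=(\S*)", re.IGNORECASE)


def redact(line: bytes) -> bytes:
    """Mask the PW= value for the log, keeping only its length."""
    return PW_RE.sub(
        lambda m: b"PW=<%d bytes hidden>" % len(m.group(1)), line
    )


def diagnose(body: bytes) -> list:
    """Report likely password-submission mistakes without echoing the value."""
    findings = []
    lines = [l.strip() for l in body.splitlines() if l.strip()]
    matches = [m for l in lines for m in PW_RE.finditer(l)]

    if not matches:
        findings.append("no PW= keyword found")
        # A single token alone on the last line matches the mistake of
        # putting the password on its own line after the last command.
        if len(lines) > 1 and len(lines[-1].split()) == 1:
            findings.append("last line is a lone token: password on its own line?")

    for m in matches:
        value = m.group(1)
        if not value:
            # e.g. "PW= secret": whitespace after '=' leaves the value empty
            findings.append("PW= present but value is empty")
        elif any(b > 0x7F for b in value):
            # National characters may be re-encoded by mail gateways in transit
            findings.append("PW= value contains non-ASCII bytes")
    return findings


if __name__ == "__main__":
    # Constructed sample mail bodies
    for body in (b"SOMECOMMAND ARG PW=hunter2",
                 b"SOMECOMMAND ARG\nhunter2\n",
                 b"SOMECOMMAND ARG PW=caf\xe9",
                 b"SOMECOMMAND ARG PW= hunter2"):
        print(redact(body.splitlines()[0]), diagnose(body))
```

This only changes what reaches the log; the password still crosses the mail path in clear text, so the interception point made in the message is unaffected.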