Tue, 20 May 2003 08:25:48 -0400
|
If you think that your password being part of your code is a security
risk, take a browse through some of the system logs. I can get the
password for any user by looking there.
I'm new to Listserv, and I can not believe they do this. Even users
connecting to the web interface have their passwords logged. It should
either be X'ed out or just not logged.
---
Inanimate objects rock with glee
as they conspire to baffle me. - Ogden Nash
William Brown
Email/Internet Services
Erie 1 BOCES
(716)821-7285
Lanny Pierce <[log in to unmask]>
Sent by: LISTSERV list owners' forum <[log in to unmask]>
05/19/2003 06:29 PM
Please respond to LISTSERV list owners' forum
To: [log in to unmask]
cc:
Subject: Re: [LSTOWN-L] Some minor automation
The easiest was to tack my password on to the generated command, and it
worked like a charm. My only problem with that is that, as stated, my
password is part of the email (and part of the source code) and that
makes me very uneasy. I wish there was some way to 'mask' that, but I
will study and see if I can figure out the best way to go (right now I
am leaning towards the user-confirms scenario, which only takes them to
one screen or they can reply to the email if they prefer).
|
|
|