If you think that your password being part of your code is a security
risk, take a browse through some of the system logs.  I can get the
password for any user by looking there.

I'm new to Listserv, and I can not believe they do this.  Even users
connecting to the web interface have their passwords logged.  It should
either be X'ed out or just not logged.

---

Inanimate objects rock with glee
as they conspire to baffle me.  - Ogden Nash

William Brown
Email/Internet Services
Erie 1 BOCES
(716)821-7285





Lanny Pierce <[log in to unmask]>
Sent by: LISTSERV list owners' forum <[log in to unmask]>
05/19/2003 06:29 PM
Please respond to LISTSERV list owners' forum

        To:     [log in to unmask]
        cc:
        Subject:        Re: [LSTOWN-L] Some minor automation


The easiest was to tack my password on to the generated command, and it
worked like a charm.  My only problem with that is that, as stated, my
password is part of the email (and part of the source code) and that
makes me very uneasy.  I wish there was some way to 'mask' that, but I
will study and see if I can figure out the best way to go (right now I
am leaning towards the user-confirms scenario, which only takes them to
one screen or they can reply to the email if they prefer).