>Having not seen a copy of InfoMagnet personally, I may not be truly
>qualified to offer an opinion, but I fail to understand why you would
>need to "take over" a user's ID to do these things.
A very good point, and one mostly of ease on my end. I wouldn't have to add
the smarts for the administrator language commands. This isn't too big a
deal, but it does impact the amount of time for development, which of course
affects the cost/benefit analysis of whether the project is worth doing.
>I really like
>your windowing idea which would allow a manager to act on several
>accounts simultaneously. I know, as a manager of HOMEFIX and SAVEIT-L,
>that much of my time goes to correcting simple, routine problems
>like the ones you describe.
Same thing for me.
>In my own view, this would create more problems than it would be worth.
>The security aspects of this proposal bother me. I'd like to know that
>there's virtually no potential for abuse.
I'm tempted to make InfoMagnet disallow list-ownership features to all but
the lists you allowed to touch. I already have a serial # keyed off the
user name, it would be easy to have serial # codes keyed off the listname.
So, if you say your are the owner of "magnet-l" - I check it w/review, and
if it is give you a serial number keyed off the list, say "LST-MAGNET-L-YTW"
the YTW is a CRC of sorts on the rest, and InfoMagnet can then determine
that you are a listowner of magnet-l.
I'd like to point out that this is _much_ more secure than what is currently
out there, namely programs such as eudora, which let you take on the email
identity of anyone you choose, with no possibility of being traced.
And...we don't hear of Eudora abuses on a daily basis.
>In addition, this proposed LM
>version would not actually give list-owners the power to do several
>essential functions that are specific to list-owners. I would not find it
>very convenient to have to switch back and forth between using this LM
>version for some functions and using "normal" methods for other functions.
A good point - I'd like to know if other list-owners feel the same way.
>-- PUTting files in general
Do-able.
>-- Editing and PUTting the list header specifically. A GUI might be
>developed to enable changing most header keywords by toggling, or
>cutting/pasting addresses for Owner=, Editor=, Filter=, Notify=.
Seems to me that this should be a feature of LISTSERV, and not of InfoMagnet.
>-- Managing error notices. Some part of the program might gather up
>notices and report daily to the list-owner, and offer a menu for actions.
>A sub-routine might collect alleged "user unknown" addresses and after X
>days (X set by the list-owner) offer actions. The list-owner would be
>alerted immediately if a first time error notice had been delayed for 7
>days or longer.
Obviously a LISTSERV function, since LISTSERV already does a great deal of
this list owners.
>As the List Owner it would be better to use the output from a "get listname
>(nolock" so you also have the concealed users. Heck, then you could even
>interpret columns 80+ and give a window of who is set to conceal, mail,
>digest, topic, etc.
A very good suggestion! In fact, InfoMagnet could require this, since only
list owners can get this information. That would greatly simplify the
security issues since InfoMagnet could assume that anyone who has this file
must be an administrator for that list.
John
John Buckman - [log in to unmask] - (301) 718-7840
Walter Shelby Group Ltd. - Internet Software Publishers
http://www.shelby.com/pub/shelby/ - ftp://ftp.shelby.com/pub/wsg
|
