Wed, 11 Jun 1997 09:14:57 +0200
On Wed, 11 Jun 1997 15:04:59 +1000 David M
<[log in to unmask]> said:
>Yes they can have access to the resources that my password gives me but
>they should not know what my personal password is as I might use it for
>other purposes too.
I think what you meant is that you should not use your LISTSERV password
for anything else, because the administrator can easily intercept and
review all incoming mail and find out what password you are using :-)

Quite a number of problems are due to people using the wrong password,
using national characters in passwords that don't arrive the way they
were sent, getting the syntax of PW= wrong, claiming they sent a password
when in fact they didn't (for instance because they thought putting it on
a line by its own after the last command was the way you do it), etc.
Debugging this with all passwords hidden from the log would be difficult.

Conversely, an evil super-user who wants to listen in to some passwords
just needs to insert a little filter in the 'listserv:' entry in
/etc/aliases that appends the message to a file, and I'm sure even a
novice administrator would know how to write that program; it's probably
included in every Perl book as one of the early exercises :-) Since these
passwords are sent by clear-text e-mail, you're just not going to be able
to prevent administrators from finding out what they are. Maybe one day
PEM will become widely available and the whole authentication scheme will
change, but with plain-text passwords sent over a medium that often
bounces stuff to the postmaster (the postmaster usually being a bored
student who figured this paid more than 7/11), you just have to accept
that security is limited. This is why there are options to disable
password usage and force the use of the "confirm" mechanism.

Alternatively, if the owner is on the same side of a firewall (or on the
same machine) as LISTSERV, passwords are usually quite safe.
Eric