Francoise Becker wrote:

> On 29 Feb 2004 at 14:18, Paul Russell <[log in to unmask]> wrote:
>
>
>>Lists configured with 'confidential=service' are treated inconsistently. They
>>are not included in the output of a 'lists' command submitted from an address
>>outside the server's defined service area, however, they are included in the
>>archives menu (/archives/index.html), which is accessible by anyone anywhere.
>>Lists configured with 'confidential=service' should not be included in the
>>archives menu.
>
>
> If that's what you want, just use confidential=Yes. That's what
> confidential=Yes does.
>
> Francoise

There are valid reasons for using 'Confidential= Service', just as there are
valid reasons for using 'Confidential= Yes' or 'Confidential= No'.

When building the archives menu, LISTSERV excludes only those lists which are
configured with 'Confidential= Yes', however, the archives menu page can be
accessed by anyone anywhere. Consequently, LISTSERV is ignoring the intent of
every list owner who has configured his/her list with 'Confidential= Service',
thus making it possible for anyone anywhere to learn of the list's existence
simply by viewing the archives menu.

Given the fact that it is possible for individual list owners to define their
own services areas, it is probably infeasible to construct multiple archives
menu pages based on the lists' service areas, however, it should be relatively
easy to ensure that only public lists, i.e., those configured with
'Confidential= No' are included in the public archives menu.

--
Paul Russell
Senior Systems Administrator
University of Notre Dame