LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L
Options: Use Monospaced Font
Show Text Part by Default
Condense Mail Headers

Topic: [<< First] [< Prev] [Next >] [Last >>]

Parts/Attachments: text/plain (18 lines)
Print Reply
Mime-Version:
1.0
Sender:
LISTSERV give-and-take forum <[log in to unmask]>
Subject:
Re: Passwords
From:
Adam Bailey <[log in to unmask]>
Date:
Thu, 8 Jun 2000 21:06:26 -0500
Content-Type:
text/plain; charset="US-ASCII"
Reply-To:
LISTSERV give-and-take forum <[log in to unmask]>
 
On 6/8/00 7:14 PM, John, Laura <[log in to unmask]> wrote...

>We are running List Serv 1.08d. If a password becomes known, is it possible
>for an outsider to do anything to the lists or the List Serv if they are not
>an owner of a list?

Yes, by forging the email address of the list's owner, they could do
quite a bit of damage; including but not limited to taking control of the
list by removing the owner and putting themselves in charge. Passwords
should be kept very private, and validation enabled on high-risk
lists/hosts.


--
Adam Bailey    | Chicago, Illinois
[log in to unmask] | Finger/Web for PGP
[log in to unmask] | http://www.lull.org/adam/

ATOM RSS1 RSS2