Fri, 11 Dec 1992 03:32:02 +0100
|
On Fri, 11 Dec 1992 03:33:38 IST David Sitman <[log in to unmask]>
said:
>Users can not delete themselves because of the "Validate= All commands"
>parameter. It is not new and it has very little to do with transmission
>method. This is an issue that Eric Thomas and I have crossed swords on
>in the past. For the rationale behind this parameter and its effect, see
>the document LISTKEYW MEMO. I tried unsuccessfully to convince Eric to
>abolish it or change it just because of lists like the one you mention:
>subscription is open, so anyone can fall into the list innocently, but
>you can only get off the list when the list owner sends a delete command
>with a valid password.
As you said it is not new that there are a lot of keywords one can set to
all sorts of values, and LISTSERV does not try to detect configurations
which are "stupid". For instance you can have a list for which anyone can
join, nobody is notified when people join and leave, but you have to be
on the list to review the archives. And you can have a list where anyone
can join but signoff requests from non-local users require list owner
approval. I run a number of lists with this latter feature but closed
subscription, or then confidential lists where all users are local and I
see no reason to give hackers an easier time than needed, and don't see
why I should give it up such because it can be misused in other cases.
Eric
|
|
|