Hi I've written a file management script & associated HTML front-end that I wish to make available to list owners of our service via the list management interface. The only remaining issue I have is making it secure. As it stands, when they go to the list management interface they are presented with a button which makes a cgi call, eg: http://www.listservserver.ac.uk/cgi-bin/file.cgi?listname The problem is that if they just change the listname on the query string, it will take them to another list's file manager screen, which is obviously a big breach of security! Now, I could write my own ticket management program, but there are a number of issues associated with that. Therefore, is it possible to somehow use listserv's own ticket system, yet retain the integrity of my script? I guess, it would be like creating a custom function that operates under the listserv shell. Any ideas? Thanks -- Spencer Warhurst JISCmail Administrator