[Mailman-Developers] Re: what is being checked?
Phillip Porch
root@theporch.com
Wed, 21 Jul 1999 05:40:15 -0500 (CDT)
On 21 Jul 1999, Harald Meland wrote:
> Date: 21 Jul 1999 10:13:49 +0200
> From: Harald Meland <Harald.Meland@usit.uio.no>
> To: Phillip Porch <ppp@theporch.com>
> Cc: Stephen Modena <shimshon@theporch.com>, test-admin@theporch.com,
mailman-developers@python.org
> Subject: Re: [Mailman-Developers] Re: what is being checked?
>
> [Phillip Porch]
>
> > > My suggestion is: these sort of things should require the "password=<>" on
> > > the same line as the request. If I am a legitimate subscriber, I can
> > > punch the HTML button to get my password mailed to me...it's not like I
> > > have to keep it on a post and would be an inconvenient imposition to
> > > require that parameter as part of the request.
> >
> > I think it is the way it is to accomidate the different privacy
> > settings.
>
> I'm not sure of the exact context here, but yes, different
> private_roster settings will give different results for the "who" mail
> command.
>
> * If "private_roster" is set to "List admin only", the "who" mail
> command will tell you "Private list: No one may see subscription
> list."
>
> * If set to "List members", it wil tell you "Private list: only
> members may see list of subscribers." unless the request sender
> address is a list member. This is the same algorithm that is used
> for deciding whether or not the "password" command with no
> arguments should mail back the member password or not -- so
> requiring a password to the "who" command in this case would just
> mean extra hassle, and not extra security.
>
> * If set to "Anyone", the roster will be mailed back without forther
> checking.
>
> In all cases only non-hidden member addresses are included in the
> roster.
>
> This all mimics the information available via the web interface
> closely.
>
> Does that answer the questions you have?
>
It does for me. How about you Steve?
--
Phillip P. Porch <root@sco.theporch.com> NIC:PP1573 finger for
http://www.theporch.com UTM - 16 514548E 3994397N PGP key