[Mailman-Developers] MailMan-Traffic
Carson Gaspar
carson@taltos.org
Thu, 25 Apr 2002 06:11:10 -0400
--On Tuesday, April 23, 2002 11:29 AM -0700 Chuq Von Rospach
<chuqui@plaidworks.com> wrote:
> This, FWIW, is turning into a crucial issue for me. We've come ot realize
> the subscriber lists are a corporate asset that needs protecting, so a big
> To Do item for me now is to get them into a system inside the firewall and
> off the mail list machine in the border zone, so if there's a break-in,
> the data is cloistered.
Speaking as someone who has just a few years of computer security
experience, the above proposal accomplishes just about nothing,
security-wise. If the mail list system in the DMZ can get the subscriber
data from the system inside your firewall, then so can any attacker that
compromises the mail list system. If you have some sort of read-only access
to the datastore, then you may be protected from corruption, but not
disclosure.
--
Carson Gaspar - carson@taltos.org
Queen Trapped in a Butch Body