The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #143 [Re: addition to phage mailing] (1 message, 726 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/143.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Paul A Vixie <vixie@decwrl.dec.com>
To: phage
Date: Mon 23:34:39 07/11/1988 EST
Subject: Re: addition to phage mailing
References: [Thread Prev: 137] [Thread Next: 147] [Message Prev: 140] [Message Next: 144]

# If instead of adding the list that Craig requests, Craig were just to forward
# any message you sent to his own private list, how have you added any security?

I'm not sure any of us have time for meta-issues.  I'll go with whatever Gene
decides.

But the problem is, if someone on some machine in the outback gets write
access to /usr/lib/aliases, they can snoop without us knowing.  On this
list, that's probably not that important -- we aren't going to say much
more that's useful to potential intruders.  But in general, security-type
mailing lists need to be as secure as they can conveniently be made.

If Gene agrees with me and suggests that noone add any sub-lists, I expect
that Craig would go along.  Anyone on Gene's list would probably have that
attribute.

But like I said, none of us have time to argue meta-issues.  My opinion is
now known; I'll go along with what Gene does.

Paul

END OF DOCUMENT