OSEC

From: Vincent Danen (vdanenmandrakesoft.com)
Date: Tue Dec 04 2001 - 16:47:41 CST

    On Tue Dec 04, 2001 at 11:42:02PM +0100, Alexander Skwar wrote:

    > > I don't see how having a password to protect against changes is
    > > any more secure than sending an unsub email that comes back to the
    > > subscribed address with confirmation.
    >
    > To be honest, neither do I. It's simply a different way, but I don't
    > see anything bad about it.

    Well, the problem is the password is sent cleartext across an insecure
    network. If I'm reading someone else's emails, or sniffing packets
    and capture the password message from mailman, I can go to the web
    interface and unsubscribe the user or change other options. There is
    no confirmation AFAIK. This means the user will never know they have
    been unsubscribed.

    The advantage to return receipts for confirmation is that anyone can
    send an email message to the list to unsubscribe, but the confirmation
    is sent to the email address in question. The person sending the
    unsubscribe would have to have physical access to that person's email
    to reply to that message, *as* that person.

    The probability is very small that this would happen, unless someone
    has access to your mailbox (either via remote or locally). With the
    password scenario, anyone can unsubscribe people just because they
    have one piece of info: the password. And since it is sent cleartext,
    it's made easier.

    It's completely insecure as far as I'm concerned.

    -- 
    OpenPGP key available on www.keyserver.net
    1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD
    

    Current Linux kernel 2.4.8-34.1mdk uptime: 15 days 0 hours 16 minutes.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see http://www.gnupg.org

    iD8DBQE8DVKNIEPQ5f5vKv0RAqN+AJ9KQ/cvhShyxafa9/FUlv4iOQGWKwCgpyEm
    m67GrtbqOA8b1iTYHFjXdSs=
    =g/wS
    -----END PGP SIGNATURE-----
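The two designs contrasted in the message above, as an added example that is not part of the original post and is not Mailman's code: a static per-subscriber password checked by a web interface, beside an unsubscribe that only takes effect when a fresh, single-use, expiring token mailed to the subscribed address comes back. Addresses, the password, clock values and class names are constructed for the illustration; the point it demonstrates is that with the password model anyone who has captured the password can unsubscribe the victim, while with the confirmation model a third party can only trigger a mail to the victim's own mailbox.

```python
"""Static list password vs. mailed single-use confirmation token.

Constructed example: addresses, passwords and clock values are made up;
nothing here is taken from Mailman's implementation."""
import hashlib
import hmac
import secrets
import time


class PasswordUnsubscribe:
    """Static password model: whoever presents the password wins.

    The password is long-lived and, in the scenario discussed above, travels
    in cleartext mail, so a passive observer learns it once and can then
    change options from anywhere. The subscriber is never asked."""

    def __init__(self, subscribers):
        # address -> password (constructed data)
        self.subscribers = dict(subscribers)

    def unsubscribe(self, address, password):
        stored = self.subscribers.get(address)
        if stored is None:
            return False
        if not hmac.compare_digest(stored.encode(), password.encode()):
            return False
        del self.subscribers[address]
        return True


class ConfirmUnsubscribe:
    """Confirmation model: anyone may *request* an unsubscribe, but it only
    takes effect when a fresh, single-use, expiring token that was mailed to
    the subscribed address is presented back."""

    def __init__(self, subscribers, ttl_seconds=24 * 3600, clock=time.time):
        self.subscribers = set(subscribers)
        self.ttl = ttl_seconds
        self.clock = clock          # injectable for testing expiry
        # sha256(token) -> (address, expiry); raw tokens are never stored
        self.pending = {}

    @staticmethod
    def _fingerprint(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def request_unsubscribe(self, address):
        """Step 1: a request arrives, possibly from an attacker.

        Returns the confirmation mail to send. It is addressed to the
        subscribed address, never to whoever asked, so the requester learns
        the token only if they can already read that mailbox."""
        token = secrets.token_urlsafe(24)   # 192 random bits, unguessable
        self.pending[self._fingerprint(token)] = (address, self.clock() + self.ttl)
        return {"to": address, "token": token}

    def confirm(self, token):
        """Step 2: a token comes back.

        Accepted only if it is known, unexpired and unused. The entry is
        consumed on first presentation, so a captured token that has already
        been used (or has expired) cannot be replayed."""
        entry = self.pending.pop(self._fingerprint(token), None)
        if entry is None:
            return False
        address, expiry = entry
        if self.clock() > expiry:
            return False
        if address not in self.subscribers:
            return False
        self.subscribers.discard(address)
        return True


if __name__ == "__main__":
    # Attacker who sniffed the password: immediate success, victim unaware.
    weak = PasswordUnsubscribe({"alice@example.org": "hunter2"})
    print("password model, sniffed password:", weak.unsubscribe("alice@example.org", "hunter2"))

    # Same attacker against the confirmation model: only a mail to Alice.
    strong = ConfirmUnsubscribe(["alice@example.org"])
    mail = strong.request_unsubscribe("alice@example.org")
    print("confirmation mailed to:", mail["to"])
    print("guessed token accepted:", strong.confirm("not-the-real-token"))
    print("real token (from Alice's mailbox) accepted:", strong.confirm(mail["token"]))
    print("replay accepted:", strong.confirm(mail["token"]))
```

The `clock` parameter exists so the expiry path can be exercised deterministically; in production it stays at `time.time`. Storing only the SHA-256 of each outstanding token means a dump of the pending table does not hand out usable confirmations.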