Re: Debian is secure, the debian lists are not.
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 6 Aug 1998, Luis Francisco Gonzalez wrote:
> Given that we know of no case of somebody unsubscribing others for fun,
> I don't think there is much weight in the argument of doing it that
> way.
Well, we know of no case of somebody uploading a trojan horse to Incoming,
but currently pgp signatures are required for all uploads. I don't think
this is so different. We have to be secure before the harm is
made for the first time, not after.
In your particular case (which is an exception), I assume a PGP-signed
mail to the listmaster asking to remove you from the list could have
been also a solution. If needed, I would offer myself for this type of
assistance if the current listmasters think this is outside the scope of
a listmaster, but I don't think it will happen so often for more people to
become necessary in the listmaster role.
I would understand not to use cookies for lists like debian-user, which
are not "vital" for the project, but the remaining ones? Consider that
anybody may unsubscribe *anybody* from debian-devel while we sleep, one
day before the release, for example.
Why should we allow that?
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
iQCVAgUBNcnukyqK7IlOjMLFAQFXwwP9FbN0OveOoUG0jezRGgEVt8sE2lb4GBaA
MMg2/ttdpOpE5WIB2lFLPaVby14VLtaeRh2hWO9wbzV93TPvWkLkaxuOsmMdnTHI
GYBpU2kiiFAwpyxKN2rSLsHDgTJq5lL7aEdfoLNHvWZQaPVYIDuj9eryV7lwKMg9
1GdYImEbU+Y=
=awpY
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: