Subject: The mailing list for listmasters using Sympa
List archive
- From: Courtney Banks Schley <address@concealed>
- To: address@concealed
- Subject: [sympa-users] INVITE command and security flaw?
- Date: Mon, 1 Sep 2014 10:07:33 -0400
Hello,
I'm running a list on Riseup.net. In their help documentation, it notes that
the INVITE command (to add users to a list by emailing address@concealed
with:
INVITE list-name email-to-invite QUIT) is automatically disabled for private lists, because it would open the list to a security hole. (see here: https://help.riseup.net/en/lists/list-admin/faq#how-do-i-invite-someone-to-my-list)
I can’t find further info on what the security hole is. I’m not sure if this is specific to riseup.net lists, but haven’t gotten any responses from their help desk. I just wanted to ask if any SYMPA users here are familiar with what the security hole is, so I can determine whether I want to enable INVITE on my private list.
Thanks!
Courtney
-
[sympa-users] INVITE command and security flaw?,
Courtney Banks Schley, 09/01/2014
-
Re: [sympa-users] INVITE command and security flaw?,
Zeikat, Wolfgang, 09/01/2014
- Re: [sympa-users] INVITE command and security flaw?, Courtney Banks Schley, 09/01/2014
-
Re: [sympa-users] INVITE command and security flaw?,
Zeikat, Wolfgang, 09/01/2014
Archive powered by MHonArc 2.6.19+.