Why can't mail have unpost command
trent at cit-vax.UUCP
trent at cit-vax.UUCP
Mon Feb 23 05:37:42 AEST 1987
In article <1690 at druhi.UUCP> clive at druhi.UUCP (Clive Steward) writes:
>Isn't this the usual acolytes circling like moths around the flame of the
>eternal Operating System (and utilities-that-come-attached-to-it)?
Actually, it's quite the opposite. (see below)
>Go out and remove the most recent mailing (if any) from the unmailer,
>in the receiver's /usr/mail spoolfile. A good implementation would send
>the removal back, so the unmailer could be sure he got the right one.
ARRGGHH! So...you propose to make the mail system *totally* unsecure
instead of mostly unsecure? I personally think security sucks, but
with mail there is a certain question of privacy. The only reason
news's 'cancel' is relatively secure is that very few people know
the fairly arcane protocols. If you know them, you can cancel *anybody's*
news articles, and post them in *anybody's* name. You can already do the
latter with mail, would you like for everybody to be able to do the
former as well? I, personally, would prefer that no one be able to affect or
read my mail unless they have my password or are root. (it'd be nice if
root couldn't, but I can't think of anyway to prevent it)
Tell me, how do you prevent someone from simply coming in and 'canceling'
someone else's mail, reading the return copy, and resending it? That is,
unless you want to rewrite mail to pass along a password or something.
(what a hassle, mail's hard enough for novices to use without forcing this
kind of shit on them) (and, besides, novices are the ones most likely to
screw up) (and, besides, what password do you think novices are going to
use? (hint: their login password) Do you think it's a good idea to
be broadcasting this to the world?)
Look, with U.S. Mail, once your letter leaves your mailbox, or is inserted
into a drop box, there is absolutely *no* way to recall it. (legally)
The only difference with email is that the postman comes by and empties
your mailbox within minutes if not seconds. If you're really paranoid, use
the suggestion to send your mail with at(1).
The reason that this is the opposite of the acolyte circling the flame
problem is: the way mail is implemented now, anyone can write their own mail
interface and be relatively assured that they will be able to use it.
If you rewrite the protocols to e.g. require passwords for system to
system connections, then only acolytes will be able to use the system.
--
"Party until it hurts; then, party 'til it don't hurt no more."
../ray\..
(trent at csvax.caltech.edu, rat at caltech.bitnet, ...seismo!cit-vax!trent)
More information about the Comp.unix.questions
mailing list