[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ProgSoc] Whitelist perhaps?
On Thu, 11 Aug 2005 7:18 pm, Peter Anthony Brownlow wrote:
] In what form is the white list? DB rows? Big flat text file?
] I can't see adding to or removing from either being hard. Tell me where
] to get usernames, against what to verify progsoccers' usernames and
] passwords and where to shove the results and I'll do it.
Yes.
It's very easy to do, I'm sure.
The problems (from a programmatic point of view) are the rights needed
to write to the whitelist (avoidable by having symlinks to non-
privileged files) and authenticating the user via the web front end
(partly solvable by using https). Some significant amount of work
would need to be done in sanity checking the input data.
I reckon it'd be several hours work to get something cranked up
with PHP.
But .. (the question remains) .. why?
If this is purely a knee-jerk reaction, with or without the patella
component, to the recent fug up WRT subscribing the list to that
world scientist thing .. keep in mind that the same mindlessness
that led to that subscription being made would apply if owner of
said cranial cavity were faced with a web interface to allow access
to the list.
It took some seriously dumb activity on behalf of that *progsoc
member* to subscribe us to that list. Regardless of how pretty the
web interface was that you're thinking about writing, you can't
protect us from internal dumbness.
Let me spell it out even more plainly.
If someone already has a set of authentication credentials to progsoc,
then we're stuffed -- insofar as the solution (to the unnamed problem)
that you're proposing WILL NOT SOLVE (the problem as I see it).
While we're talking about answers to undefined questions, come up
with an answer to the question of how you handle ad hoc additions
to the list when you're on a network that will happily relay your mail
but won't let you talk http(s) at all.
In the other hemisphere, how do we get the jobsoc posters (who are
typically not subscribed to the list, and don't have any kind of
authentication credentials either) access to post?
Jedd.
-
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@xxxxxxxxxxxxxxxxxxx
If you are having trouble, ask owner-progsoc@xxxxxxxxxxxxxxxxxx for help.