On Sat, 2002-06-15 at 15:09, Colin Walters wrote: > [ I am subscribed to -hackers; no need to CC me ] > > On Sat, 2002-06-15 at 14:58, Joe Marcus Clarke wrote: > > > Actually, mailers like Pine removed this feature since it was considered > > a security risk. Would you want _everyone_ you sent mail to to know > > what OS and platform you ran on? This might be a nice optional feature, > > but I couldn't see this as being enabled by default. > > Considering that Evolution currently advertises what version you're > running, there is precedent. > > For example, I am still currently running Evolution 1.0.3, which has > that nasty From: crashing bug, becuase I haven't bothered to update my > patched Debian packages of Evolution. So there is a security risk even > in just displaying the version of Evolution (and arguably a greater one > than that of displaying your GNU system configuration type).
Agreed. I think Evolution shouldn't advertise any thing about the MUA. Pine used to create Message-IDs like: Message-ID: <[EMAIL PROTECTED]> This could show potential hackers that you're running a vulnerable MUA. Now, the message ID is: Message-ID: <[EMAIL PROTECTED]> Not as easy to tell what version of Pine I'm running. Joe > > > _______________________________________________ > evolution-hackers maillist - [EMAIL PROTECTED] > http://lists.ximian.com/mailman/listinfo/evolution-hackers >
signature.asc
Description: This is a digitally signed message part