On Thu, Jun 25, 2015 at 11:48:57AM -0500, David Champion wrote: > * On 25 Jun 2015, Derek Martin wrote: > > to secure it. That is a massive security failure. If other people > > are on your system and have access to the directory where your > > attachments are stored, YOU DO NOT WANT THIS. And if not, YOU DO NOT > > NEED THIS. So practically speaking there's no good, and significant > > I generally agree with Derek but I want to point out one exception to > this. There are use cases for allowing specific roles/service accounts > access to your unvetted email attachment files.
My argument here is that these things should not exist and should be effectively replaced by mailing lists and header editing, or something similar--but I understand that some people who need this type of functionality have poor options for doing those things, so I will not complain too loudly. :) -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgpQgJXMbOayK.pgp
Description: PGP signature
