Mailinglist Archive: opensuse-security (457 mails)

< Previous Next >
RE: [suse-security] ID wwywxugwisi... thanks
  • From: john@xxxxxxxxxxxx
  • Date: Tue, 17 Feb 2004 09:50:21 -0800 (PST)
  • Message-id: <Pine.LNX.4.58.0402170948050.19642@xxxxxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



I agree that it's a dumb idea, but these virii don't know and don't care
what the purpose of this list is. Someday some nitwit will stumble onto a
piece of code that exploits an as-yet undiscovered flaw in one or more
linux email clients, and we'll have a small disaster. It's just plain
naive to think this will never happen. Perhaps later than sooner, but
there is a lot more likelyhood that it will than it won't.

Since it does no good to complain without offering a solution, here's an
idea:

Why not require all messages posted to this list to be signed with the
users's gpg key? Building functionality into the list daemon to verify
signatures would be easy task and would also help cut back on the spam
that invades this list from time to time. Users can supply their public
key at subscription time or it can be pulled from a keyserver when the
users posts. It's really not a huge inconvenience...


I'm signing this post to show how easy it is.



Just my modest input...




On Tue, 17 Feb 2004, Tobias Weisserth wrote:

> Hi,
>
> A pretty dumb idea to send virus mails to a Linux security list, isn't
> it? :-)
>
> Am Di, den 17.02.2004 schrieb Rainer_Link@xxxxxxxxxxxxx um 16:52:
> > That's Bagle.B - jsut in case.
> >
> > best regards,
> > Rainer Link
>
> cheers,
> Tobias
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>

- --
- -linux_lad
public key on request
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQFAMlRdwHqKF2/3fvYRAhClAJ9sy5vHirwqRh6LKsF14flsF0InOACgmLFQ
ZGZurdgH7viyxoHn3MnmwIY=
=LjfI
-----END PGP SIGNATURE-----

< Previous Next >