|
|
| Author |
Message |
| 25 new of 123 responses total. |
srw
|
|
response 25 of 123:
| 
Jul 30 06:34 UTC 1995 |
I wouldn't expect an old mail folder to be readable by anyone but the
owner unless it were explicitly permitted. Regardless of where it was.
|
popcorn
|
|
response 26 of 123:
|
Jul 30 11:19 UTC 1995 |
This response has been erased.
|
kerouac
|
|
response 27 of 123:
|
Jul 30 21:57 UTC 1995 |
From what this user was saying, someone was using their unix files like
you would folders in pine, thus had lots of mail files like "joemail" or
"suemail" for instance based on however they grouped their old saved mail. And
while the saved messages in "mbox" were not readable, the sorted mail in
these other files apparently was.
I would think a way to solve this would be to disable the unix mailer and
force people to use pine or elm, which I think most people do anyway.
|
kaplan
|
|
response 28 of 123:
|
Jul 31 02:42 UTC 1995 |
No!!! Don't disable the unix mail program. Mail is very useful for
quickly checking and sending mail without the big programs, and for some
people who don't have their term type set, mail is the only program they
can use. But I'm sure something can be set so that mailboxes created by
mail are not world-readable. I forgot about that feature myself recently.
|
popcorn
|
|
response 29 of 123:
|
Jul 31 03:03 UTC 1995 |
This response has been erased.
|
srw
|
|
response 30 of 123:
|
Jul 31 06:11 UTC 1995 |
That really is a defect in that particular mailer. No mailer should
do that. Yuck.
|
rcurl
|
|
response 31 of 123:
|
Jul 31 06:14 UTC 1995 |
At some point I'd like to have more discussion of my suggestion to make
the default home directory perms be "user only", as a means to give users
better control over their files - while they are learning the ropes - and
also as a means to make users' files less inadvertently public.
|
adbarr
|
|
response 32 of 123:
|
Jul 31 10:49 UTC 1995 |
Re: ## 29, 30 - The actions you describe, Valerie, are scary. A deliberate
invasion of privacy and misuse of the system is, to me, a malicious
act that should have consequences. It is troubling to have
individuals using this system who demonstrate such an extreme lack
of basic moral training. Behavior such as you describe cannot
be long tolerated.
|
davel
|
|
response 33 of 123:
|
Jul 31 10:58 UTC 1995 |
How hard would it be to make mail set the umask properly?
|
davel
|
|
response 34 of 123:
|
Jul 31 11:00 UTC 1995 |
That is, in particular: would it break anything to do so?
|
popcorn
|
|
response 35 of 123:
|
Jul 31 11:46 UTC 1995 |
This response has been erased.
|
sidhe
|
|
response 36 of 123:
|
Jul 31 22:10 UTC 1995 |
Ah, a misread on my part. Well, if it's truly a problem,
putting a 711 on home is probably a fine idea.
|
dam
|
|
response 37 of 123:
|
Aug 1 00:09 UTC 1995 |
I like to see an open user file system. I can not begin to measure how much
I have learned by looking at other people's script files, .logins, etc.
this works especially well if you already know someone is doing something
similar to what you want to do, like say setting up .mailrc options or
something like that.
on the other hand I do understand the concerns of people's privacy, especially
when it comes to mail.
|
srw
|
|
response 38 of 123:
|
Aug 1 06:19 UTC 1995 |
With the exception of the (defective, imo) ucb/mail mailer, the system
takes care of privacy wrt mail. I also like the open look.
The problem is not the umask, it is the perm requested on the file open
(which is anded with umask, typically). It's too broad in ucb/mail.
It should be a matter of modifiying the source code and recompiling
ucb/mail. no?
|
rcurl
|
|
response 39 of 123:
|
Aug 1 07:22 UTC 1995 |
I didn't give much thought to the open home directory until this matter
of smut files came up. I think grex is protected better from random
searches and accusations of promoting smut if it is not stored in
the "store window". Making the default perm on home directories 711
takes care of this for ll new users - it could then be up to users
how open they want their directory and files to be. I'm pushing this
as a *substitute* for even thinking about censorship.
|
popcorn
|
|
response 40 of 123:
|
Aug 1 13:01 UTC 1995 |
This response has been erased.
|
scg
|
|
response 41 of 123:
|
Aug 2 04:28 UTC 1995 |
If the Exon bill becomes law, and holds up in Court I'll start thinking about
this differently. For now, it seems to me that if people go looking around
in other peoples' home directories, they should expect to see other people's
stuff. If they don't want to look at smut, they shouldn't go looking for smut
files.
|
rcurl
|
|
response 42 of 123:
|
Aug 2 08:01 UTC 1995 |
Ahh - but I have met users (via write-help) who *do* go looking in
others directories for smut because they like smut, and I can imagine
others doing it because they don't. Shall we have a contest to see who
can find the most publically accessible smut on Grex in a period of
24 hours?
|
mdw
|
|
response 43 of 123:
|
Aug 2 08:01 UTC 1995 |
I'm sure mail can be changed without *too* much trouble; the source is,
after all, readily available. It might be a smidgeon harder to make
sure it does the locking right and doesn't (for example) lose mail sent
right when it starts up.
|
robh
|
|
response 44 of 123:
|
Aug 2 09:55 UTC 1995 |
Re 42 - Actually, I was surprised to see someone say in party
that "Grex has a lot more GIFs than M-Net". He didn't say what
kind of GIFs they were, but one has to wonder...
And even if people are storing dirty pictures and such on Grex,
ennh, big deal. I'd be more concerned about the bandwidth
needed to upload and download them than the content.
|
ajax
|
|
response 45 of 123:
|
Aug 2 17:01 UTC 1995 |
I did a "locate gif," and it turned up about 450 images, none
of which had obviously smut-like names. Most were in "www"
subdirectories (one person had about 100 of 'em), which I gather
is misguided, as Grex's httpd doesn't transmit such images (is
that true?). Last I checked, locate found files regardless of
their directory's permissions, so even if people hid files or
directories from "ls" lists, locate would list them (names only,
not contents).
|
rcurl
|
|
response 46 of 123:
|
Aug 2 21:08 UTC 1995 |
Re #44: let's be clear (as some politico says....) - I'm not concerned
either about what people store in their directories on Grex, but I am
concerned about busybodies finding faults that I don't find with what
users store. We don't invite the public in to peruse our personal home
libraries, so why do we do that here? Of course, we see more and more
people wearing their hearts on their sleeves, with homepages, but I think
that that is a passing fad.
|
davel
|
|
response 47 of 123:
|
Aug 2 21:11 UTC 1995 |
If you've got a program that searches dirs you don't have permission to
read or search, I think we've got a program. I'm not familiar with
locate unless it's an alias of find.
|
rcurl
|
|
response 48 of 123:
|
Aug 2 22:00 UTC 1995 |
You have to give locate a pattern to search for, so you have to know
(or suspect) a filename (or part thereof). You can do that now in
directories chmod 711 - you can't list the directory contents, but
you can read any file in it which is permitted read to you if you
know the filename. There is a man locate, and it does not appear to
be an alias of find...but I'm not very good at reading man pages ;-{.
|
robh
|
|
response 49 of 123:
|
Aug 2 22:17 UTC 1995 |
Re 45 - Yep, the picture-sending capabilities of our httpd have
been turned off. A *lot* of users were annoyed about this,
then again none of them offered to help pay for more bandwidth...
|
