Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FD should block attachments

From: Tim <tim-security () sentinelchicken org>
Date: Fri, 2 Apr 2004 12:05:58 -0800


This will be more useful once there's a way to do all of the following:

1) Upload the file to a webserver (which Joe User often doesn't have)


Granted, some people don't have good access to web hosting resources.


2) Set permissions on the file so only the recipients can get it.


This is a public list, with public archives.  This isn't a consideration.


3) Figure out the resulting URL for inclusion in the mail.


If you know how to put content on a webserver, this isn't really a hurdle.


4) Deal with removing the file after a week or so.


Why?  


5) All the *other* cruft involved in that whole process.


Not sure what you mean by this.


I don't disagree that it can be difficult for some, but I doubt there
are that many Aunt Tillies on this list.  Perhaps some of the Security
Focus lists, but full-disclosure?  Aunt Tillie would last about 24 hrs
on this list before unsubscribing due to the shear volume of crap here.
Including the administrivia we are now discussing. ;-)

tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: