Date: Wed, 5 Dec 2001 22:37:19 -0800 (PST) From: Brian Behlendorf <brian@hyperreal.org> To: Owner of many system processes <william@hq.newdream.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: (WOT) Re: the best edited picture ever Message-ID: <20011205222931.L5713-100000@localhost> In-Reply-To: <20011206044206.GD12011@hq.newdream.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 5 Dec 2001, Owner of many system processes wrote: > closing the list to off-list subscribers seems to be the simplest > option, and while it might be annoying, there could be some sort of > alternate method of allowing people to post to the list (maybe a web > form for non-subscribers or something)? I don't know about majordomo or mailman, but in ezmlm, one can configure it such that subscribers posts go through, and non-subscribers posts get bounced for moderation (which are easy to approve, and moderation responsibilities can be shared), and in the process of approving a message a moderator can also add said user to a list of "allowed" posters. So pretty quickly all those posting from alternate addresses or the occasional useful outsider get in that allowed list, and the stuff that gets caught ends up being mostly spam. My only worry is that it's a list about security, where time is critical, and if a moderator fails to approve a post it could be a Really Bad Thing; you don't want to see "vendor was notified, but didn't bother to respond" in a bugtraq post about a FreeBSD vulnerability. Moderation posts that are ignored time out after ten days and go back to the original poster, with an explanation that the moderator "didn't act upon" it, so at least stuff doesn't get lost. The challenge with sharing moderation is that every moderator gets every moderation request, and it's only the first response that is considered, so there'd be lots of wasted time spent or potentially miscommunication, "oh, I thought Bob was going to handle it this week", etc. I've wanted to create a web UI for moderators that listed all curent unapproved messages in the queue, so that you wouldn't get that duplication. Maybe you'd have a daily reminder email of the messages in the queue so people who are event-driven and never can remember to visit particular sites regularly (like me) wouldn't forget. Blah blah. Brian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011205222931.L5713-100000>