SJS wrote: > begin quoting Christopher Smith as of Wed, Jan 09, 2008 at 09:47:23AM -0800: > >> SJS wrote: >> > [snip] > >>> It's code. It works as text. Just include it in the body. >>> >>> A line of dashes works well as a separator. >>> >> You mean like what happens automatically when you use MIME attachments? ;-) >> > > Heh. > > MIME does a lot more than a line of dashes. > For inline text it doesn't do much more. >> In fairness, this is not the only list I use that has this feature, and >> sometimes it is warranted, but this is a group where people explicitly >> are supposed to share code. While you can encode snippets just fine >> inline (arguably for small bits of code it is even more convenient), it >> is kind of a mess to do that when multiple files are involved. >> > > That's what URLs are for. > You mean like imaps://..... ? ;-) >> message, put in dashes to separate files, and somehow encode file names >> and any relevant permissions and such at the beginning of each file. >> > > Permissions aren't generally needed, unless you're playing games with > them; at that point, you're probably better off with "ls -l" in the > appropriate directory. > Well, if you have shell scripts they are nice to have, but still, I agree permissions aren't that important (and not actually encoded by MIME, but they are by tar, which is the traditional tool for aggregating a group of files). > Plus, if someone wanted to comment on aspects of your layout and > design, it's right there, ready to be quoted. > Wait, your editor doesn't do mail?! ;-) >> ....or we could use standardized formats for doing such things. Then a >> computer could automate the work in a fast and error free fashion. Your >> mail client would understand the structure and perhaps choose not to >> download the code at all. The only real downside of this is that some >> old mail clients, all of which run on non-Linux platforms, have security >> flaws in them that can be exploited through attachments without the >> person reading the mail having a chance to avoid downloading the attachment. >> > > Or if it's really that complicated, you can provide a URL, and leave > the mailing list for discussion, and leave bulk file transfer out of > the discussion list. > Yes, that is what I ended up doing, and it has its own advantages and disadvantages.
I challenge the implied notion that allowing attachments suddenly allows "bulk file transfer" out of the discussion list. My code was smaller than your original posting, and because I was doing an attachment I took the trouble to compress it (and as you can image it's compression ratio was such that even with @#$$#@ base64 encoding this resulted in a significant net win). Indeed, your original suggestion to me was to post the code inline. So, yes, using URL's would keep the file transfer off the discussion list. Instead we'd be transferring URL's back and forth which would add nothing to the discussion, while simultaneously remove what was being discussed. > What are the real odds here that someone reading this list is lacking > access to a web-server on which to put code archives? > I would argue that they are greater than someone being vulnerable to an attachment exploit (which presumably was the motivation for this). >> What are the real odds here that someone reading this list is running >> one of these old, unpatched clients with no anti-virus (or really old >> anti-virus I guess) protecting them? >> > > At least one of us is using hotmail. > Hotmail is actually very well secured against attachments these days, although still somewhat vulnerable to inline Javascript (we could start stripping that I guess, but then it'd be even harder to share Javascript code samples ;-), it's biggest exposure is actually from.... URL's posted in messages. ;-) --Chris -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
