--On Tuesday, April 23, 2002 11:29 AM -0700 Chuq Von Rospach
<[EMAIL PROTECTED]> wrote:
> This, FWIW, is turning into a crucial issue for me. We've come ot realize
> the subscriber lists are a corporate asset that needs protecting, so a big
> To Do item for me now is to get them into a system inside the firewall and
> off the mail list machine in the border zone, so if there's a break-in,
> the data is cloistered.
Speaking as someone who has just a few years of computer security
experience, the above proposal accomplishes just about nothing,
security-wise. If the mail list system in the DMZ can get the subscriber
data from the system inside your firewall, then so can any attacker that
compromises the mail list system. If you have some sort of read-only access
to the datastore, then you may be protected from corruption, but not
disclosure.
--
Carson Gaspar - [EMAIL PROTECTED]
Queen Trapped in a Butch Body
_______________________________________________
Mailman-Developers mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-developers
