--- KeN ClarK <[EMAIL PROTECTED]> wrote: > i've looked through 'learning perl' 2nd edition, and am confused. much. i > want to create an interface for system users to update their .forward > files in their $HOME directories. > > I want this to be a web-based interface. The webmail program I am using is > openwebmail, and doesn't have this functionality, yet.
Ken, Doing this is not difficult. Doing it right is difficult. What problem are you trying to solve? If you just want to give users a simple method of managing this, I would provide them with the phone number of the Help Desk. Imagine what happens if Chris Cracker gets into your system and inserts an extra email address in the .forward file (if I understand them correctly, multiple addresses separated by newlines will go to multiple accounts). If this occurs, someone could have all of their email apparently forwarded correctly and a copy of that email can get forwarded to any account Chris Cracker wants. This would be a great tool for corporate espionage. Security and convenience are mutually exclusive. If you're not absolutely sure something is secure, then it's not secure. If you're positive it's secure, than it's probably still not entirely secure. Heck, some maintenance programmer comes along and makes an innocuous change in your secure code and you could be left wide open. Maybe another security hole somewhere else opens up. Maybe I call up John Doe and explain that it appears not all of his email is being forwarded and could I please have his password to test it? That last example is known as Social Engineering and it's the one loophole that's virtually impossible to close. You may want to read this piece about security: http://www.perlmonks.org/index.pl?node_id=129470 Cheers, Curtis "Ovid" Poe ===== Senior Programmer Onsite! Technology (http://www.onsitetech.com/) "Ovid" on http://www.perlmonks.org/ __________________________________________________ Do You Yahoo!? Check out Yahoo! Shopping and Yahoo! Auctions for all of your unique holiday gifts! Buy at http://shopping.yahoo.com or bid at http://auctions.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
