[Full-Disclosure] FD should block attachments
Paul Schmehl
pauls at utdallas.edu
Fri Apr 2 20:54:32 BST 2004
--On Friday, April 02, 2004 01:27:19 PM -0500 Valdis.Kletnieks at vt.edu wrote:
>
> 1) Upload the file to a webserver (which Joe User often doesn't have)
> 2) Set permissions on the file so only the recipients can get it.
> 3) Figure out the resulting URL for inclusion in the mail.
> 4) Deal with removing the file after a week or so.
> 5) All the *other* cruft involved in that whole process.
>
> In general, *not* something your Aunt Tillie can deal with.
What do you want to bet that the people who actually have something
*useful* to send to the list have websites they can put it on or ftp sites
and can provide the url to those who want to obtain the sample?
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
Full-Disclosure is hosted and sponsored by Secunia.