[irc.git] / software / RELEASES / ircservices / achurch.org / services / lists / ircservices / 2004 / 004219.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [IRCServices] secure Identify Feature..
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20secure%20Identify%20Feature..&In-Reply-To=E1BDWk5-0004J3-HD%40lon1-hub.mail.demon.net">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="004218.html">
   <LINK REL="Next"  HREF="004220.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[IRCServices] secure Identify Feature..</H1>
    <B>M</B> 
    <A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20secure%20Identify%20Feature..&In-Reply-To=E1BDWk5-0004J3-HD%40lon1-hub.mail.demon.net"
       TITLE="[IRCServices] secure Identify Feature..">mark at ctcp.net
       </A><BR>
    <I>Tue Apr 13 16:08:45 PDT 2004</I>
    <P><UL>
        <LI>Previous message: <A HREF="004218.html">[IRCServices] secure Identify Feature..
</A></li>
        <LI>Next message: <A HREF="004220.html">[IRCServices] secure Identify Feature..
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#4219">[ date ]</a>
              <a href="thread.html#4219">[ thread ]</a>
              <a href="subject.html#4219">[ subject ]</a>
              <a href="author.html#4219">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>Craig McLure wrote:
&gt;<i> This command would add things to make the channel more secure 
</I>&gt;<i> thou, If you did give the channel founder password to people 
</I>&gt;<i> you trust, and you find its being abused, you can simply 
</I>&gt;<i> remove that person from the access list, this way you dont 
</I>&gt;<i> need to worry about changing the password and re-distributing it :) 
</I>
The way to be secure is not to give out the founder password. You could
apply the same short sighted reason for a &quot;/ns set
letotherpeopleaccessmynick pass&quot; request. 

The founder password is designed to give the channel founder access to
manage the ownership of the channel. There is no need to give out the
password to anyone, channel management through others is provided via op
status. 

If for some peculiar reason a channel founder wishes to share the password
then IMO that is their problem. The chances are that any user that would
require modifying the access list to &quot;fix&quot; this, would likely be attempted
too late since a rogue user could have merely taken ownership of the channel
thereby making the option and the founder password redundant and merely make
it a problem that administrators waste time on. 

The founder can already provide access to whatever commands an op needs via
levels which is far more secure and already subject to access list
restrictions. 

What function of founder status is required that warrants removing the
founder status by supporting sharing of it? 

M. 


</PRE>

<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
	<LI>Previous message: <A HREF="004218.html">[IRCServices] secure Identify Feature..
</A></li>
	<LI>Next message: <A HREF="004220.html">[IRCServices] secure Identify Feature..
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#4219">[ date ]</a>
              <a href="thread.html#4219">[ thread ]</a>
              <a href="subject.html#4219">[ subject ]</a>
              <a href="author.html#4219">[ author ]</a>
         </LI>
       </UL>

</body></html>
Commit	Line	Data
3bd189cb JR	1	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
	2	<HTML>
	3	<HEAD>
	4	<TITLE> [IRCServices] secure Identify Feature..
	5	</TITLE>
	6	<LINK REL="Index" HREF="index.html" >
	7	<LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20secure%20Identify%20Feature..&In-Reply-To=E1BDWk5-0004J3-HD%40lon1-hub.mail.demon.net">
	8	<META NAME="robots" CONTENT="index,nofollow">
	9	<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
	10	<LINK REL="Previous" HREF="004218.html">
	11	<LINK REL="Next" HREF="004220.html">
	12	</HEAD>
	13	<BODY BGCOLOR="#ffffff">
	14	<H1>[IRCServices] secure Identify Feature..</H1>
	15	<B>M</B>
	16	<A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20secure%20Identify%20Feature..&In-Reply-To=E1BDWk5-0004J3-HD%40lon1-hub.mail.demon.net"
	17	TITLE="[IRCServices] secure Identify Feature..">mark at ctcp.net
	18	</A><BR>
	19	<I>Tue Apr 13 16:08:45 PDT 2004</I>
	20	<P><UL>
	21	<LI>Previous message: <A HREF="004218.html">[IRCServices] secure Identify Feature..
	22	</A></li>
	23	<LI>Next message: <A HREF="004220.html">[IRCServices] secure Identify Feature..
	24	</A></li>
	25	<LI> <B>Messages sorted by:</B>
	26	<a href="date.html#4219">[ date ]</a>
	27	<a href="thread.html#4219">[ thread ]</a>
	28	<a href="subject.html#4219">[ subject ]</a>
	29	<a href="author.html#4219">[ author ]</a>
	30	</LI>
	31	</UL>
	32	<HR>
	33	<!--beginarticle-->
	34	<PRE>Craig McLure wrote:
	35	><i> This command would add things to make the channel more secure
	36	</I>><i> thou, If you did give the channel founder password to people
	37	</I>><i> you trust, and you find its being abused, you can simply
	38	</I>><i> remove that person from the access list, this way you dont
	39	</I>><i> need to worry about changing the password and re-distributing it :)
	40	</I>
	41	The way to be secure is not to give out the founder password. You could
	42	apply the same short sighted reason for a "/ns set
	43	letotherpeopleaccessmynick pass" request.
	44
	45	The founder password is designed to give the channel founder access to
	46	manage the ownership of the channel. There is no need to give out the
	47	password to anyone, channel management through others is provided via op
	48	status.
	49
	50	If for some peculiar reason a channel founder wishes to share the password
	51	then IMO that is their problem. The chances are that any user that would
	52	require modifying the access list to "fix" this, would likely be attempted
	53	too late since a rogue user could have merely taken ownership of the channel
	54	thereby making the option and the founder password redundant and merely make
	55	it a problem that administrators waste time on.
	56
	57	The founder can already provide access to whatever commands an op needs via
	58	levels which is far more secure and already subject to access list
	59	restrictions.
	60
	61	What function of founder status is required that warrants removing the
	62	founder status by supporting sharing of it?
	63
	64	M.
65
66
67
68	</PRE>
69
70	<!--endarticle-->
71	<HR>
72	<P><UL>
73	<!--threads-->
74	<LI>Previous message: <A HREF="004218.html">[IRCServices] secure Identify Feature..
75	</A></li>
76	<LI>Next message: <A HREF="004220.html">[IRCServices] secure Identify Feature..
77	</A></li>
78	<LI> <B>Messages sorted by:</B>
79	<a href="date.html#4219">[ date ]</a>
80	<a href="thread.html#4219">[ thread ]</a>
81	<a href="subject.html#4219">[ subject ]</a>
82	<a href="author.html#4219">[ author ]</a>
83	</LI>
84	</UL>
85
86	</body></html>