RE: Fwd: Re: [Full-Disclosure] Administrivia: Binary Executables w/o Source

["Steve Wray" <steve.wray@paradise.net.nz>]

Its invaluable to be able to get access to some of
these binaries, for development of IDS sigs and so forth,
to give just one example.

I would hate to see a blanket ban, however if it were possible
to have attachments stored on a website and the email
attachment replaced with a link to the binary on the website,
that would be a good happy middle way I reckon.

> -----Original Message-----
[snip]
> > There are a *few* cases where binary attachments are appropriate.
> >
> > How about attachments invoke automatic moderation  (i.e. 
> any messages
> > with attachment get shunted to the moderator for approval).
> >
> 
> This sounds like a decent workgap, if the moderators are 
> going to wish to
> invest the added resources.  Of course, it might be expanded 
> if they are
> willing to provide more resources <list members us all, being gluttons
> here for 'services'>, and rather then decide to approve 
> binaries, to post
> it to a website themselves, thus not *offending* anyone silly 
> enough to
> execute them, and allowing readers to decide if grabbing it 
> is of merit to
> them.  This does make an argument about enabling idiots to do 
> more stupid
> things, but, then again, they are most likely already 
> available to these
> folks already...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html