lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <020101c65f67$b5394f60$6700a8c0@toshibauser>
Date: Fri Apr 14 03:04:19 2006
From: william at lefkovics.net (William Lefkovics)
Subject: Recall: Oracle read-only
	usercan	insert/update/delete data

>>and all the people that got embarassed due to incorrect use of "reply-all"


Leave it there... They'll learn. :)

And of course, you don't stop services to run Exmerge.  It uses MAPI and the
store has to be running. 

An event sink that \dev\nulls all recalls would be better.  :)

-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Michael
Holstein
Sent: Thursday, April 13, 2006 6:11 AM
To: Mike Owen
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] Recall: Oracle read-only usercan
insert/update/delete data

> In my experience, it doesn't even work in an Exchange environment. The 
> user gets a message that the message should be recalled, but the 
> original is still there, even if it hasn't been read yet. I've heard 
> people say that at one time it would auto-delete the message if it 
> hadn't been read, but I've never seen that.

It does, provided you read the "recall" message first -- but since Outlook
(by default) displays in reverse chronological order, and most people read
email in the order received, it does little good.

Back when I was involved in Exchange administration, I can't tell you how
many times I had to stop services and run exmerge against the store to clean
out messages that somebody accidently sent to a distribution list.

That .. and all the people that got embarassed due to incorrect use of
"reply-all" ;)

~Mike.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ