[IRCServices] Merging...
Arathorn
arathorn at theonering.net
Tue Feb 25 17:07:31 PST 2003
Andrew Church wrote:
> >When I upgraded to v5, a strategic temporary addition of email=0; to
> >modules/database/version4.c served to perform the same operation.
However,
> >we then found a somewhat undesired sideeffect - namely that because in v4
> >days, NSDefHideEmail had been commented out - old registered users
migrating
> >onto v5 were duly forced to enter valid e-mail addresses - **which were
then
> >visible for the whole world to see on a /msg nickserv info Nickname.**
>
> Seeing as this can be easily changed with a /ns set hide email on
> immediately after identify -> set email -> auth, and unauthed addresses
> aren't visible to normal users, I don't see this as a problem.
My concern is that your average clueless user isn't going to know to /ns set
hide email on - even if they're told to do it in bright red letters. My
experience in talking registered users through /ns set email and /ns auth
has been bad enough - and those are steps that the system corralled them
through - whereas there's no way to obviously force them to /ns set hide
email.
And thus depending on the previous v4 config, there's a 50/50 chance that
their mail might be left open in the public gaze, ripe for harvesting. It
just seems to be putting the users through a bit more trauma than is
strictly necessary. Of course, it could be that my users tend to be more
clueless than the average network's - but I'd feel slightly worried about
leaving their e-mail privacy in their own hands ;)
my 2p, anyway
A.
________________________________________________________________
Matthew Hodgson arathorn at theonering.net Tel: +44 7968 722968
Arathorn: Co-Sysadmin, TheOneRing.net®