On 04/28/2015 11:02 AM, Danil Smirnov wrote:
Nope. She has serious reasons to avoid using cPanel's Mailman. So it was disabled in favor of standard Mailman installation. I can give more details but webpanel talk is irrelevant to the topic of this discussion.
Then if she is going to create lists and turn them over to others to admin and the others are going to change the admin password so she doesn't know it, there are two choices for removing the list short of writing your own CGI or WSGI process to do it:
there is the command line bin/rmlist tool
you could modify Mailman/Cgi/rmlist.py and remove the 10 lines of code starting with
# Be sure the list owners are not sneaking around! if not mm_cfg.OWNERS_CAN_DELETE_THEIR_OWN_LISTS:
and ending with
return
which would then allow anyone who knows the site admin, site list creator or list admin password to go to a URL like http://example.com/mailman/rmlist/LISTNAME and remove the list.
If you wanted to limit it to only the site admin or site list creator passwords, further down in the code, find
if mlist.Authenticate((mm_cfg.AuthCreator,
mm_cfg.AuthListAdmin,
mm_cfg.AuthSiteAdmin),
password) == mm_cfg.UnAuthorized:
and remove the
mm_cfg.AuthListAdmin,
line.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan