Re: [Mailman-Users] Question Regarding admindb
On Wed, 01 Dec 1999 16:37:51 +1100 Gonzalo Servat speedy@WebBios.com.au wrote:
It would be quite easy for anyone to send spam to the list, then guess the URL of the approval page (since its usually www.domain.com/admindb/<listname> and approve it themselves since no password is required.
A password is required unless you already have a cookie from a previous authentication (which hasn't timed out yet).
-- J C Lawrence Home: claw@kanga.nu ----------(*) Other: coder@kanga.nu --=| A man is as sane as he is dangerous to his environment |=--
Yep. I forgot I entered the password beforehand for another task and the cookie hasn't timed out :)
Thanks.
claw@kanga.nu wrote:
On Wed, 01 Dec 1999 16:37:51 +1100 Gonzalo Servat speedy@WebBios.com.au wrote:
It would be quite easy for anyone to send spam to the list, then guess the URL of the approval page (since its usually www.domain.com/admindb/<listname> and approve it themselves since no password is required.
A password is required unless you already have a cookie from a previous authentication (which hasn't timed out yet).
-- J C Lawrence Home: claw@kanga.nu ----------(*) Other: coder@kanga.nu --=| A man is as sane as he is dangerous to his environment |=--
participants (2)
-
claw@kanga.nu -
Gonzalo Servat