[Mailman-Developers] passwords in third party web archives, newsgroups
Dan Riley
dsr@mail.lns.cornell.edu
Sun, 05 Nov 2000 19:00:08 -0500
Are the mailman developers at all concerned by
http://www.google.com/search?q=mailman-owner+reminder+password
http://x66.deja.com/=dnc/getdoc.xp?AN=641175690
This is probably especially a problem with lists that were converted
from another MLM, where there was no explicit "one address, one reader"
assumption at the time the archive was subscribed.
[note:
1. I'm not subscribed to the mailman mailing lists, nor do I use
mailman except as a list subscriber and the maintainer of the
rec.music.gaffa news2mail gateway; please cc me on any direct
responses.
2. I looked through the archives and saw many discussions of
passwords, but did not find this issue addressed; my
apologies if I missed it.
3. Yes, the rec.music.gaffa gateway filters mailman admin
messages, and has done so since a few hours after the first
reminder appeared in the newsgroup.
4. No, I don't think this is a huge security issue, but it certainly
does have some potential for minor mischief.
5. I may mention this (in passing) in a submission to comp.risks
soon.
]
-dan