[Mailman-Developers] passwords in third party web archives, newsgroups

Dan Riley dsr@mail.lns.cornell.edu
Sun, 05 Nov 2000 19:00:08 -0500


Are the mailman developers at all concerned by

http://www.google.com/search?q=mailman-owner+reminder+password
http://x66.deja.com/=dnc/getdoc.xp?AN=641175690

This is probably especially a problem with lists that were converted
from another MLM, where there was no explicit "one address, one reader"
assumption at the time the archive was subscribed.

[note:
 1. I'm not subscribed to the mailman mailing lists, nor do I use
    mailman except as a list subscriber and the maintainer of the
    rec.music.gaffa news2mail gateway; please cc me on any direct
    responses.
 2. I looked through the archives and saw many discussions of
    passwords, but did not find this issue addressed; my
    apologies if I missed it.
 3. Yes, the rec.music.gaffa gateway filters mailman admin
    messages, and has done so since a few hours after the first
    reminder appeared in the newsgroup.
 4. No, I don't think this is a huge security issue, but it certainly
    does have some potential for minor mischief.
 5. I may mention this (in passing) in a submission to comp.risks
    soon.
]

-dan