[Mailman-Developers] config.pck password encryption
ddewey at cyberthugs.com
Wed Dec 8 16:16:30 CET 2004
Quoting Dave Dewey (ddewey at cyberthugs.com):
> Here's the issue I can't solve. It is clear that SOME user passwords in the
> lists' config.pck file are encrypted, and some aren't. This is within the
> SAME config.pck, I'm only running one list. When using 'dumpdb' to
> investigate the the users email/passwords, some of the passwords are
> definitely clear text. However, others (including all of my own, for
> various test subscriptions) are encrypted.
More info: it appears that only passwords that were chosen at time of
subscription are encrypted. If a user then goes in and changes the
password, it is stored unencrypted in config.pck.
More information about the Mailman-Developers