[Mailman-Developers] config.pck password encryption inconsistencies

[Dave Dewey]

Quoting Dave Dewey (ddewey at cyberthugs.com):

> Here's the issue I can't solve.  It is clear that SOME user passwords in the
> lists' config.pck file are encrypted, and some aren't.  This is within the
> SAME config.pck, I'm only running one list.  When using 'dumpdb' to
> investigate the the users email/passwords, some of the passwords are
> definitely clear text.  However, others (including all of my own, for
> various test subscriptions) are encrypted.

More info:  it appears that only passwords that were chosen at time of
subscription are encrypted.  If a user then goes in and changes the
password, it is stored unencrypted in config.pck.

dave