[Mailman-Users] Question Regarding admindb
Gonzalo Servat
speedy at WebBios.com.au
Wed Dec 1 07:09:42 CET 1999
Christopher Lindsey wrote:
> > It would be quite easy for anyone to send spam to the list, then guess
> > the URL of the approval page (since its usually
> > www.domain.com/admindb/<listname> and approve it themselves since no
> > password is required.
>
> Ummm, mine requires a password.
>
> > Any ideas on how I could enable a password setting there? (other than
> > making a .htaccess file.. i was hoping there's an easier way)
>
> It could be using the same cookie that you used for list maintenance
> functions as authentication. Try quitting your browser and restarting
> it, then go directly to the admindb page. It should come up with the
> standard password authentication window.
Ahh you're right... I tried quitting Netscape and coming back in, etc, but
it kept the cookie... but I tried on another system and it asked me for the
password.
Thanks for that.
I'm still wondering why every time I get the List Administrative Password
screen, right at the top it says "Error Decoding Authorization Cookie", is
that normal?
Thanks.
Gonzalo.
More information about the Mailman-Users
mailing list