[Mailman-Users] subscribing without password, default password

Pekka Savola pekkas at netcore.fi
Fri Jun 22 18:55:20 CEST 2001


Just installed Mailman for the first time, 2.0.5.


The listinfo page requires subscribers hit in a password when joining.  I
feel this is counter-productive.

IMO, it would be better to _always_ generate passwords.  This way
they're truly random, aren't "valuable" and the user doesn't have to think
about it.

Consider: the user does _not_ want to know his password (I don't!).  If he
needs to unsubscribe or the like, he can just order the password mailed to
him, or get it from regular reminders.

 ==> The listinfo page should be revised a bit on the passwords


When I subscribed to a list using a message
to "listname-request at domain.com", the password was set to "listname"
(noticed when ordered my password to be sent over).

 ==> Shouldn't default email password be randomized?


Several Linux distributions compile mailman with non-fixed uid/gid,
preferring to use user/groupname, and leave the decision about uid/gid to
install phase.

This causes problems in Defaults.py MAILMAN_UID and MAILMAN_GID.

I have only seen a real problem with this in check_perms script, the code
of which isn't too robust:

    MAILMAN_GRPNAME = grp.getgrgid(MAILMAN_GID)[0]
except KeyError:
    MAILMAN_GRPNAME = '<anon gid %d>' % MAILMAN_GID
    MAILMAN_OWNER = pwd.getpwuid(MAILMAN_UID)[0]
except KeyError:

So, GID and UID must be used, not the names.

 ==> would it make sense to be able to use symbolic names everywhere
(perhaps being able to override these in Default.py by MAILMAN_GRPNAME

(about 1) and 2))

Perhaps there are some conflicting goals here, the current method being
better for those who want to be better able to unsubscribe when they no
longer have access to the mailbox they want to unsubscribe from

Any thoughts, or is there something I've missed?

Please Cc:, not on the list.

Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

More information about the Mailman-Users mailing list