[Mailman-Users] Thoughts about migrating to Mailman instead of Sympa (from Majordomo)
gmayes at uoregon.edu
Sat Jan 21 03:29:24 CET 2012
I think you closed our security hole! You're right that someone else getting their hands on your mailman password is incredibly minor. The issue is when individuals subscribe to lists using their central LDAP/AD password as their Mailman list password. In that case password interception is a bigger deal.
As you recommend in your paragraph on password best practices, people should let Mailman2 auto-generate a password. And it looks like this can easily be enforced by simply removing the "Pick a password" and "Reenter password to confirm" fields from the list subscription page. Mailman will then auto-generate all passwords. Voila! Unique passwords that only exist in Mailman. (Now if someone chooses to start using their Mailman list password as their LDAP password...) :)
The annoying issue that remains is that Mailman2 cannot be brought under centralized authorization and users have yet another password to maintain. But as you and others have pointed out, list owners and list subscribers rarely interact with Mailman. And MM3 is on the horizon...
This is great. Thanks, Geoff
> -----Original Message-----
> From: mailman-users-bounces+gmayes=uoregon.edu at python.org
> [mailto:mailman-users-bounces+gmayes=uoregon.edu at python.org] On
> Behalf Of Larry Stone
> Sent: Friday, January 20, 2012 1:18 PM
> To: mailman-users at python.org
> Subject: Re: [Mailman-Users] Thoughts about migrating to Mailman instead
> of Sympa (from Majordomo)
> On Thu, 19 Jan 2012, Geoff Mayes wrote:
> > If Mailman
> > provided a way around the passwords in the clear issue, I'm pretty
> > sure we'd go with Mailman ...
> My personal opinion is Mailman passwords are so insignificant that it really
> shouldn't be an issue. On the other hand, I recognize that you may have
> direction from above that because it's called a "password", it needs to be
> ultra-secure (there are, unfortunately, too many bosses who don't
> understand security and don't understand that different types of systems
> have different security needs). How much damage could be done if a
> Mailman user password was compromised? How much damage could be
> done if my on-line banking password was compromised? The answers are
> very different yet there are many who want them secured in the same way.
> I so rarely use a Mailman password that I don't even try to remember it.
> If I need to use it on a Mailman system, I have it send it to me, use it, then
> forget it.
> If someone wants to mess up my subscription on a Mailman system, well, go
> ahead. I have far more important things in life to worry about.
> Also, consider how many other times passwords are sent in the clear, just
> not in email. A snail mail with a password is also a "password sent in the clear"
> yet few seem to have a problem with that. Maybe because I practice good
> password management, I am less concerned about an email being snooped
> than I am about snail mail theft or privileged access abuses.
> I would not worry about Mailman passwords being sent in the clear and
> instead, urge users to use good password practices. For Mailman, encourage
> them to let Mailman assign a password (and thereby, not reuse a PW).
> Because no matter what you do, people will reuse passwords, use the same
> password for low and high security needs, use easy-to-guess passwords,
> write them down, and other things that just make Mailman's password
> concerns the least of your organization's security concerns.
> -- Larry Stone
> lstone19 at stonejongleux.com
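The enforcement Geoff describes above (drop the "Pick a password" and "Reenter password to confirm" fields so Mailman 2 always generates the subscriber password itself) is a template edit. The script below is an added example, not Geoff's code and not part of the Mailman distribution. It assumes the two inputs are produced by the Mailman 2.1 template placeholders <MM-New-Password-Box> and <MM-Confirm-Password> in listinfo.html (the stock copy lives under templates/<lang>/, a site-wide override under templates/site/<lang>/, and a per-list copy under lists/<listname>/<lang>/; check the placeholder names against your own install). The sample template embedded in the script is constructed for the demo, not the real file. Rows lacking a closing </tr> are left untouched rather than guessed at, so nothing unrelated is deleted.

```python
"""Remove the password fields from a Mailman 2.1 listinfo.html template.

Assumption: Mailman 2.1 renders the two subscription-form password inputs
through the placeholders <MM-New-Password-Box> and <MM-Confirm-Password>.
When neither input is submitted, the subscribe CGI falls back to a random
password, which is the behaviour the thread wants to enforce.
"""
import re
import sys

PASSWORD_PLACEHOLDERS = ("mm-new-password-box", "mm-confirm-password")

# One <tr ...> ... </tr> block plus its surrounding indentation and newline.
# DOTALL so rows that span several lines still match as a unit.
ROW_RE = re.compile(r"[ \t]*<tr\b[^>]*>.*?</tr>[ \t]*\r?\n?",
                    re.IGNORECASE | re.DOTALL)


def strip_password_rows(template):
    """Return (new_template, removed_count) with every table row carrying a
    password placeholder deleted.  A match that swallows a second <tr> means
    the first row never closed; that row is left alone for manual review."""
    removed = 0

    def drop(match):
        nonlocal removed
        row = match.group(0)
        lower = row.lower()
        if lower.count("<tr") > 1:
            return row          # unterminated row: do not touch it
        if any(tag in lower for tag in PASSWORD_PLACEHOLDERS):
            removed += 1
            return ""
        return row

    return ROW_RE.sub(drop, template), removed


def verify(template):
    """True when no password placeholder survives and the address box the
    subscribe form still needs is present."""
    lower = template.lower()
    return (not any(tag in lower for tag in PASSWORD_PLACEHOLDERS)
            and "<mm-subscribe-box>" in lower)


# Constructed excerpt modelled on the stock listinfo.html; not the real file.
SAMPLE_TEMPLATE = """<MM-Subscribe-Form-Start>
<table>
  <tr>
    <td bgcolor="#dddddd">Your email address:</td>
    <td><MM-Subscribe-Box></td>
  </tr>
  <tr>
    <td bgcolor="#dddddd">Pick a password:</td>
    <td><MM-New-Password-Box></td>
  </tr>
  <tr>
    <td bgcolor="#dddddd">Reenter password to confirm:</td>
    <td><MM-Confirm-Password></td>
  </tr>
  <tr>
    <td colspan="2"><MM-Subscribe-Button></td>
  </tr>
</table>
<MM-Form-End>
"""

if __name__ == "__main__":
    # Usage: python strip_pw_rows.py [path/to/listinfo.html]
    # Without a path the constructed sample is processed and printed.
    src = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_TEMPLATE
    out, n = strip_password_rows(src)
    sys.stdout.write(out)
    print("removed %d row(s); form %s" % (n, "ok" if verify(out) else "BROKEN"),
          file=sys.stderr)
```

Run it against a copy of the template, diff the result, then install it as the site or per-list override; the paragraph in the stock template that tells subscribers a password "will occasionally be emailed back to you in cleartext" has no placeholder and should be trimmed by hand at the same time, since it no longer describes a choice the user has.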