On Sun, Oct 6, 2019, at 8:24 PM, Stephen J. Turnbull wrote:
> Abhilash Raj writes:
> 
>  > 90% of the time is spent trying to encrypt user passwords, for each
>  > of the imported member. Well, duh, encryption is an expensive
>  > operation and when you do that once per-imported member, it is
>  > definitely going to be slow.
> 
> Why are we storing unencrypted passwords at all?  Passwords are pretty
> low-security in any case, but this is asking for trouble.

We store unencrypted passwords in Mailman 2.1. Today, they are encrypted when 
we import lists to Mailman 3. Although, the process is a bit weird because 
previously it used to be one password per user-mailinglist pair in 2.1. Now, 
since we store passwords for "User" (instead of user-mailinglist pair, a.k.a. 
"Member"), each new imported list overrides every user's password with the one 
set for that specific list in Mailman 2.1.

If these passwords are being used somewhere, I am sure it is already in a 
broken state ;).

> 
>  > Although, another interesting fact is the user passwords are kind
>  > of useless in Mailman 3. In Mailman 2 you had to setup a password
>  > or one was auto-generated for you per-list and you needed that to
>  > login to the web ui. However, in Mailman 3, the passwords (in
>  > Core's database) aren't used for logging in since Web Frontend
>  > stores the authentication tokens (social auth or passwords). In
>  > fact, the users who sign up first time on Mailman 3 probably don't
>  > ever have a password set in Mailman Core's database.
> 
> I'll trust you on that.  Although it suggests the question, if nobody
> has a password, why does it take so much time to encrypt no passwords?

It is mostly when importing lists from 2.1 that it takes time to encrypt. In 
2.1, everyone has to have a password to get access to the web UI, either manually 
set up or auto-generated.

> 
>  > So, I commented out the code that actually imports the
>  > password(src/mailman/utilities/importer.py#L663-664)
> 
> I'm happy with this.  This is a major breaking change *if* anyone is
> using core passwords which they probably aren't, but it deserves
> flashing lights and sirens in the release announcements.

Yep, I'll make a note of that and make sure to add it to the release announcement.

Although, this shouldn't be a breaking change for anyone using the Core 
passwords. It would only affect people porting lists over from Mailman 2.1 and 
hoping that the password for their last imported list would work for the Users, 
which is already going to be difficult for them.

> 
> Steve
> 
> -- 
> Associate Professor              Division of Policy and Planning Science
> http://turnbull.sk.tsukuba.ac.jp/     Faculty of Systems and Information
> Email: turnb...@sk.tsukuba.ac.jp                   University of Tsukuba
> Tel: 029-853-5175                 Tennodai 1-1-1, Tsukuba 305-8573 JAPAN
>

-- 
  thanks,
  Abhilash Raj (maxking)
_______________________________________________
Mailman-Developers mailing list -- mailman-developers@python.org
To unsubscribe send an email to mailman-developers-le...@python.org
https://mail.python.org/mailman3/lists/mailman-developers.python.org/
Mailman FAQ: https://wiki.list.org/x/AgA3

Security Policy: https://wiki.list.org/x/QIA9
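The two behaviours discussed in this thread, the per-member hashing cost and the "last imported list wins" overwrite of User passwords, as an added illustration that is not Mailman's own importer code. It models the 2.1 per-(list, address) password layout with constructed sample data and uses PBKDF2 as a stand-in for whatever hasher Core actually applies; the iteration count and the `import_passwords` switch are assumptions for the demonstration, not Mailman options.

```python
import hashlib
import hmac
import os
import time
from typing import Dict, Optional, Tuple

# Constructed sample data modelling Mailman 2.1: one password per
# (mailing list, member address) pair. Alice is on two lists with
# two different passwords.
MM21_LISTS: Dict[str, Dict[str, str]] = {
    "list-a": {"alice@example.com": "pw-a-alice", "bob@example.com": "pw-a-bob"},
    "list-b": {"alice@example.com": "pw-b-alice"},
}

# Deliberately slow work factor: a password hash is *meant* to be
# expensive, which is exactly why doing it once per imported member adds up.
ITERATIONS = 100_000  # assumption for the demo, not a Mailman setting

StoredHash = Tuple[bytes, bytes]  # (salt, derived key)


def hash_password(plain: str, iterations: int = ITERATIONS) -> StoredHash:
    """Salted PBKDF2-HMAC-SHA256; stand-in for Core's real hasher."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", plain.encode(), salt, iterations)
    return salt, key


def verify_password(stored: StoredHash, plain: str, iterations: int = ITERATIONS) -> bool:
    """Constant-time comparison against a stored (salt, key) pair."""
    salt, key = stored
    candidate = hashlib.pbkdf2_hmac("sha256", plain.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)


def import_lists(mm21: Dict[str, Dict[str, str]],
                 import_passwords: bool = True) -> Tuple[Dict[str, Optional[StoredHash]], int, float]:
    """Collapse per-(list, address) passwords into per-User records.

    Returns (users, number_of_hashes_performed, elapsed_seconds).
    With import_passwords=True every list import re-hashes and overwrites
    the User's password, so the last imported list wins. With
    import_passwords=False (the behaviour after the importer change the
    thread describes) Users are created with no Core password and no hashing
    happens at all.
    """
    users: Dict[str, Optional[StoredHash]] = {}
    hashes = 0
    start = time.perf_counter()
    for _listname, members in mm21.items():  # dict order == import order
        for address, plain in members.items():
            if import_passwords:
                users[address] = hash_password(plain)  # overwrite: last list wins
                hashes += 1
            else:
                users.setdefault(address, None)
    return users, hashes, time.perf_counter() - start


if __name__ == "__main__":
    users, n, secs = import_lists(MM21_LISTS)
    print(f"hashed {n} passwords for {len(users)} users in {secs:.3f}s")
    alice = users["alice@example.com"]
    print("alice list-a password still works:", verify_password(alice, "pw-a-alice"))
    print("alice list-b password works:", verify_password(alice, "pw-b-alice"))
    _, n2, secs2 = import_lists(MM21_LISTS, import_passwords=False)
    print(f"skipping passwords: {n2} hashes in {secs2:.6f}s")
```

Run it and the first import reports three hashes for two users, and Alice's record only verifies against the list-b password; the skip path performs no hashing, which is the whole source of the speed-up the thread measured.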
