On 25/11/17 16:45, Colin Smale wrote:
On 2017-11-25 17:31, Tom Hughes wrote:
On 25/11/17 15:37, Colin Smale wrote:
On 25 November 2017 16:04:45 CET, "Éric Gillet" <gill3t.3ric+...@gmail.com
<mailto:gill3t.3ric+...@gmail.com>> wrote:
Another point : This password is not secure, but what the worst that
could
happen with it ? As long as one don't reuse it on other applications
(as
warned during registration), the only action an attacker could do would
be
to unsubscribe you. Not really catastrophic
...until it is hacked and thousands of passwords are stolen. If even one of those leads
to something serious, I am not sure that saying "I told you so 10 years ago when you
signed up" will be enough to absolve the operators of liability.
I will open a ticket as suggested.
There's really not much point - we will upgrade as and when the
packages in Ubuntu are upgraded. We're not going to be installing from
source.
In that case I won't bother. I can't help thinking: what a sorry state
of affairs.
When you say "we", who are you referring to exactly Tom?
The system administrators that are responsible for running it.
I would also add that most sites are sticking with mailman 2 for now
which is likely why the distros haven't upgraded.
The only site I know of that uses mailman 3 is Fedora and from my
experience of it I would say it's still a bit rough around the edges for
now.
Everybody knows the whole password thing with mailman 2 is not ideal and
is basically a major pain but there are no easy solutions to it.
Tom
--
Tom Hughes (t...@compton.nu)
http://compton.nu/
_______________________________________________
talk mailing list
talk@openstreetmap.org
https://lists.openstreetmap.org/listinfo/talk
