On Mon, 2004-02-16 at 05:33, [EMAIL PROTECTED] wrote: > For your information: I just submitted the bug report below on > the SF mailman page. > > Greetings, Heiko. > > > admin password is checked when it should > ----------------------------------------- > > To see the problem you have to be the administrator of a > list. Go to the members options login page > > .../mailman/options/<listname> > > and enter something like a valid email address, e.g.: > > [EMAIL PROTECTED] > > and as password enter the ADMIN password! You will get > something like: > > Bug in Mailman version 2.1.4
This is fixed in CVS for MM2.1.5. > What is worse: if you enter a valid email address (of a > list member) and the admin password you are the admin. > So, any list member that happens to choose the same > password as the admin has full access to the > administrative interface. Yep. Pick your admin passwords wisely <wink>. > Somehow I think it would be better to also have an admin > username and not just an admin password. Or, for each > member an admin flag can be set. The admin has to be a > member and can login with email and password as anybody > else. Something like this is the plan for MM3. -Barry _______________________________________________ Mailman-Developers mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-developers Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
