Dave Dewey wrote: >Quoting Dave Dewey ([EMAIL PROTECTED]): > >> Here's the issue I can't solve. It is clear that SOME user passwords in the >> lists' config.pck file are encrypted, and some aren't. This is within the >> SAME config.pck, I'm only running one list. When using 'dumpdb' to >> investigate the the users email/passwords, some of the passwords are >> definitely clear text. However, others (including all of my own, for >> various test subscriptions) are encrypted. > >More info: it appears that only passwords that were chosen at time of >subscription are encrypted. If a user then goes in and changes the >password, it is stored unencrypted in config.pck.
Are you sure they are encrypted and not just encoded (e.g. unicode)? What do you see in monthly password reminders? I looked through the code somewhat, particularly the code that produces password reminders, and I can't see anywhere where there is any encryption/decryption of passwords going on. -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan _______________________________________________ Mailman-Developers mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-developers Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
