Hendrik Maryns writes: > Yes. Caution is good, but isn’t this exaggerated?
No. It's not just your systems that are at risk. Mine are, too. Remember, almost all of these measures are taken because someone has demonstrated a similar exploit, and most exploits are not done for their own sake, but rather to achieve a platform for cracking more systems. Of course, if you're a security expert and know what risks are present, and are sure they don't apply to your system, Mailman is open source, you can change it. If that sounds like too much work, don't you see that probably means you don't really have enough resources to change the settings and still be secure? On the other hand, systems and their environments are infinitely variable. The Mailman developers can not know enough about your system to make those decisions, either. ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
