The only scenario I can see are large organizations/corporations with
huge IT department who have to administer mailing lists with thousands
of subscribers. In that case it might make more sense to protect the
admin interface through a dedicated virtual host + packet filter +
htaccess set up, rather than having every 'admin' to type in the site
admin password for once, or once the site admin cookie has expired. It
would speed things up to have the interface accessible through one
link without any barriers. I don't know if this is an applicable
scenario or not, but IT departments with large organizations are
probably capable to make mailman work for them.
Ulf
--
Ulf Hofemeier
Programmer / Analyst II
Latin American and Iberian Institute
u...@ladb.unm.edu
Still, it's worth fixing it so that a null password doesn't work. I
can't see that anyone would actually want passwordless access to the
admin interface except maybe in the case of a server that was not
exposed on the internet al all, but probably not even then.
Does anyone need to have null passwords work in Mailman?
--
Mark Sapiro <m...@msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
