On 11/2/2011 6:15 AM, Jeffrey Walton wrote:
> On Wed, Nov 2, 2011 at 7:40 AM, Larry Stone <lston...@stonejongleux.com> 
> wrote:
>> Jeffrey Walton writes:
>>
[Snip]
>> . I was very naive.
>> Mailman works with Mail. SMTP mail is very insecure with headers, etc. 
>> easily spoofed (by design - just as I can easily spoof the sender on a piece 
>> of paper mail I drop in a mailbox). What good does high security on Mailman 
>> do if it's trivial to step around the gate?
>>
> Agreed. I have no expectation that my messages to the list will be
> private, or my email will be private. An attacker gains nothing from
> reading my messages posted to a public mailing list.
>
> But the password database used by Mailman is not a public database.
> Users have a reasonable expectation of security surrounding it. An
> attacker gains a list of {user name, email, password} when the system
> is compromised.

I agree users have a reasonable expectation of security surrounding
their password.  However, when the user is informed about the level of
security being used, the user's reasonable expectation shouldn't exceed
what they were told.  I have a reasonable expectation of security when I
am told I can use a locker to put my equipment in.  But when I am told
the locker has no locks on it, my reasonable expectation of security for
that locker is much, much lower than if it had a lock.

>
>>> Confer: list managers did not fix Mailman 2 (nor did they use other
>>> software which was secure). Why would you expect them to research
>>> and securely configure Mailman 3?
>> List managers have nothing to do with this. We "list managers" did not write 
>> the software. We're just higher level users of Mailman than the reader of a 
>> mailing list that uses Mailman. But we're still just users.
> Both are at fault. First are the developers for using an insecure
> system, and second are the folks who use it in production. In this
> case "crowd security" failed - more eyeballs were not better and did
> not lead to improvements.
>
>> If Mailman does not meet your needs due to it failing to meet the security 
>> requirements you personally have, don't use it.
> Unrealistic. I have no control over what software a particular mailing
> list uses. It's kind of like saying, "if you don't like the smog, don't
> breathe the air".

It isn't necessarily unrealistic; a bit abrupt, maybe.  You can also make
changes to the source to increase the security requirement.  I have had
to make some minor modifications to Mailman for it to do what is
required where I work.  And, as some on this list can probably attest, I
am not a Python coder.  So, if Mailman doesn't meet your needs, you can
use it as is and suffer, make any changes you feel necessary, or not use
it.

>
> Jeff

Thanks,
Chris

------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/