I'm sure Mark has more complete answers, but diving in anyways :)

On 5/30/2018 2:36 PM, Parker, Michael D. wrote:
> I've been assigned the task of attempting to secure our current implementation
> of GNU MailMan.

You're probably better off changing to MM3, but if you have to stay with v2:

> What did you do?

Needs a better definition of "secure" and an understanding of the intended goals: protect the archive? Spam prevention? Keep users from (un)subscribing to lists? Are these goals part of the _mailing_list_manager_ or another part of the system (web server, email MTA and spam filtering, file sharing, etc.)?

> Some of the initial items that have been directed my way:
> 1. Can archiving be totally and permanently eliminated?

More than turning it off on a per-list basis? (This doesn't "secure" Mailman, it only makes archives unusable. You'd be better off hiding them behind a web page requiring web-server authentication.) Won't stop users from keeping their own archives, of course. (Or change the code to disable them.)

> 2. How and where are the passwords stored?

IIRC users' list passwords are stored in the list config 'pickle' in the lists/ directory; see the comments in "Mailman/SecurityManager.py".

> 3. Can user passwords be eliminated and have the list administrator make
> any user adjustments which should not be necessary?

At a great loss of utility, sure. This would require a code change.

> 4. Does the website have to run in http: since passwords are entered at
> points in the interactions?

No, the FAQ describes how to enable HTTPS.


Later,

z!
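The reply above points at two per-list settings an administrator can check rather than patch the code for: whether archiving is turned on for a list, and whether the list's web URL is served over plain http. The script below is an added example written for this thread; it is not code from the thread, from the poster, or from the Mailman project. It assumes the Mailman 2 layout in which each list's configuration is a pickled dict at lists/<listname>/config.pck containing keys such as 'archive', 'archive_private' and 'web_page_url' (key names are the script's assumption, check them against your installation's dumpdb output), and it runs offline against a constructed sample dict when no path is given.

```python
"""Audit a Mailman 2 list config for per-list archiving and a non-https
web URL. Added example, not code from the thread or from Mailman itself.
Assumes config.pck is a pickled dict with the keys named below."""
import pickle
from typing import Dict, List


def audit_list_config(cfg: Dict[str, object]) -> List[str]:
    """Return human-readable findings for one list's config dict."""
    findings = []
    # MM2 enables archiving unless the list turns it off, so treat a
    # missing key as enabled.
    if cfg.get("archive", True):
        visibility = "private" if cfg.get("archive_private") else "PUBLIC"
        findings.append(f"archiving is enabled ({visibility} archive)")
    url = str(cfg.get("web_page_url", ""))
    if url.startswith("http://"):
        findings.append(f"web_page_url uses plain http: {url}")
    elif not url.startswith("https://"):
        findings.append(f"web_page_url is not an https URL: {url!r}")
    return findings


def load_config_pck(path: str) -> Dict[str, object]:
    """Unpickle a config.pck written by Mailman 2 (a Python 2 pickle)."""
    with open(path, "rb") as fh:
        return pickle.load(fh, encoding="latin1")


# Constructed sample resembling a config.pck dict (not real list data).
SAMPLE_CONFIG = {
    "real_name": "Example",
    "archive": True,
    "archive_private": 0,
    "web_page_url": "http://lists.example.org/mailman/",
}

if __name__ == "__main__":
    import sys
    cfg = load_config_pck(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_CONFIG
    for line in audit_list_config(cfg) or ["no findings"]:
        print(line)
```

Run it as `python audit_list.py /path/to/lists/<listname>/config.pck` for each list; a loop over the lists/ directory gives the site-wide picture. Findings only tell you what a list's own settings allow, not whether the web server or MTA in front of Mailman enforces anything, which is the distinction the reply draws.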
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9