On 4/10/2019 11:36 AM, Dimitri Maziuk via Mailman-Users wrote:
With a properly sandboxed application your security vulnerability has to be a) exploitable through that application and b) able to break out of the sandbox and wreak havoc to your host system.
Exactly.
(That said, given the history of python, my question would be if there are any plans to port MM2 to golang or maybe gnat.)
Or rust, or python3 (which might be the easiest). I'm not sufficiently up on the python differences, but..... it can't be -that- difficult..... (and aren't there tools to assist? some code claims to be both v2 and v3 compatible) (gnat? that's really ada, isn't it?)
The main thing is that from appearances MM3 is large enterprise-grade list manager, but many of us don't need that, we need something for a few (<100?) lists with a few (<500?) members. I can run that on a small BSD box; spinning up django, sass, (docker?), and whatever else is overkill for the purpose and adds to the maintenance load. Heck, with MM2 I'd dump apache for a simpler server if it wasn't already set up.
Maybe there's a place for a community-driven port of MM2 onto python3. I am not volunteering, too many other projects currently.
Later, z! ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
