> So you deliberately make it easy for potential attackers to > find out about everything they need to know in order take over > the site. > > Could you explain the reasons behind this ?
This information is not meant for attackers, but for people contributing to the maintenance of the site. It may also help attackers, but only a little so, since they can easily gather the information, anyway. You seem to favor obscurity as a means of security. Please understand that this gives a false sense of security. > While having documentation of the setup is essential, I don't think > making that documentation available outside the group of administrators > is a good thing to do. I disagree. Administrators tend to forget where the information is stored, and how to access it; they are also uncertain as to whether certain aspects are documented at all. Giving Google access to this information (or any other search engine) simplifies maintenance. Regards, Martin _______________________________________________ pydotorg-www mailing list pydotorg-www@python.org http://mail.python.org/mailman/listinfo/pydotorg-www
