[Mailman-Developers] Big checkins a'comin'!

J C Lawrence claw@kanga.nu
Wed, 14 Feb 2001 21:49:06 -0800


On Wed, 14 Feb 2001 22:59:15 -0500 
Barry A Warsaw <barry@digicool.com> wrote:

> I've thought about storing the list password in the clear.  This
> would allow a mail-back option for list owners, but requires for
> stricter security in the file system (since the list passwords can
> be snooped from the database).

Don't go there.  The way to handle this, for both admin and user
passwords is that either an admin or a user may request a new
password, whereupon a confirm token is emailed to their address with
the confirm token embedded in a URL.  They can then visit the URL
thus having (marginally) demonstrated that they are who they say
they are, and set a *NEW* password.

Note: Do not disable the current password prior to the confirm URL
being visited or else the feature can be used as a DoS tool.

-- 
J C Lawrence                                       claw@kanga.nu
---------(*)                          http://www.kanga.nu/~claw/
--=| A man is as sane as he is dangerous to his environment |=--
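The flow J C Lawrence describes above, as an added Python example that is not Mailman's code and not part of the thread: a reset request mints a random token, the URL carrying it is what gets mailed, the existing password stays valid until the token is actually consumed (his DoS caveat), and visiting the URL sets a new password rather than mailing back the old one. Beyond what the message states, the example also makes the token single-use and gives it an expiry, and it stores only a hash of the token so that a snoop on the database cannot replay it. The confirm URL, the one-hour lifetime, the PBKDF2 work factor and the class and function names are all assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlparse

# Assumed values (not from the thread): where the confirm page lives,
# how long a token stays valid, and the PBKDF2 work factor.
CONFIRM_BASE_URL = "https://lists.example.invalid/confirm"
TOKEN_TTL_SECONDS = 3600
PBKDF2_ITERATIONS = 100_000


def _hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; only the hash is stored, never the clear password."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def _hash_token(token):
    """Store only a hash of the reset token so a database snoop cannot replay it."""
    return hashlib.sha256(token.encode()).hexdigest()


class PasswordStore:
    """Hypothetical password/reset store for list admins and users."""

    def __init__(self):
        self._passwords = {}   # address -> (salt, digest)
        self._pending = {}     # sha256(token) -> (address, expires_at)

    def set_password(self, address, password):
        self._passwords[address] = _hash_password(password)

    def check_password(self, address, password):
        entry = self._passwords.get(address)
        if entry is None:
            return False
        salt, digest = entry
        return hmac.compare_digest(digest, _hash_password(password, salt)[1])

    def request_reset(self, address, now=None):
        """Mint a single-use token and return the URL to mail to `address`.

        The existing password is deliberately left untouched: disabling it
        here would let anyone who knows an address lock its owner out, the
        DoS J C Lawrence warns about.  Returns None for an unknown address;
        the caller should still answer with the same neutral "if that
        address is subscribed, mail has been sent" message.
        """
        if address not in self._passwords:
            return None
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._pending[_hash_token(token)] = (address, now + TOKEN_TTL_SECONDS)
        return f"{CONFIRM_BASE_URL}?token={token}"

    def confirm_reset(self, token, new_password, now=None):
        """Consume the token and set a *new* password.  Returns True on success."""
        now = time.time() if now is None else now
        entry = self._pending.pop(_hash_token(token), None)  # pop: single use
        if entry is None:
            return False  # unknown or already-used token; nothing changes
        address, expires_at = entry
        if now > expires_at:
            return False  # stale token; old password remains valid
        self.set_password(address, new_password)
        return True


def token_from_url(url):
    """Extract the token a user presents by visiting the mailed URL."""
    return parse_qs(urlparse(url).query).get("token", [None])[0]
```

The property worth checking is the one in the "Note:" above: between request_reset and confirm_reset the old password must still authenticate, and a bogus or expired token must leave it untouched, so an attacker who only knows an address cannot lock anyone out.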