[Mailman-Developers] Hashing member passwords in config.pck
Barry Warsaw
barry at python.org
Sat Feb 12 00:20:54 CET 2005
It seems to me that the pulse of this list is to leave the situation as
is, and not make the password hashing change for 2.1.6. This should
allow us to release this version sooner, so I'm fine with that.
The reason I thought we'd have a good opportunity now is that one of the
remediation steps for CAN-2005-0202 was to reset your passwords. I
think it will be too much to ask admins to reset their passwords for
2.1.6 and then do it again for 2.1.7, so I'm against making this change
until 2.2 or 3.0.
Thanks everyone. I may follow up on specific messages in this thread.
-Barry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.python.org/pipermail/mailman-developers/attachments/20050211/61902536/attachment.pgp
More information about the Mailman-Developers
mailing list