[Mailman-Developers] Doubt about security
Barry Warsaw
barry at list.org
Mon Jan 5 14:53:35 CET 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Jan 5, 2009, at 8:04 AM, Edilson Azevedo wrote:
> Hi Developers! I've a question:
>
> Why in all lists sites that I look, the "Admin Links" is open?
> Worst: Why
> (inside the Admin Links) the link "create a new mailing list" is open?
> Anyone in anywhere can to try until discover the Admin password??
>
> My doubt is: Why those links are open to world? I think that it's very
> insecure, or not?!?
Really? Those links should always be behind a login screen.
- -Barry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
iEYEARECAAYFAkliEN8ACgkQ2YZpQepbvXEk3gCfZEX4GJ5blkATZDZHxlbMnQlw
p+gAnjSD4Gmrh+By/YGYl3QgBwiSRa1K
=fJV0
-----END PGP SIGNATURE-----
More information about the Mailman-Developers
mailing list