[Mailman-Users] ack! security bug and question.

[Ron Jarrell]

At 12:19 PM 9/22/99 -0500, Listwrangler wrote:
>Since most users don't have this much subtlety when it comes to security,
>wouldn't it be better to require the password *before* allowing people to
>access their edit page?

Yes, except for the fact that the links the users needs to access to get his
password back if he forgot it are on *that* page...

I suppose there could be a new level of security; extreme, where if they forget
their password, tough, email the admin...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/mailman-users/attachments/19990922/8823ba1c/attachment.htm