[Mailman-Users] Re: Password bug in Mailman 2.0
Dan Mick
Dan.Mick at west.sun.com
Tue Dec 26 06:06:48 CET 2000
Juan Eliseo Carrasco Diaz wrote:
>
> Bek Oberin wrote:
>
> > Juan Eliseo Carrasco Diaz wrote:
> > > The Administrator name can be used as password to go into and change
> > > administrative and users options in theirs respective html pages.
> >
> > It's a feature.
> >
> > bekj
> >
> > --
> > : --Hacker-Neophile-Eclectic-Geek-Grrl-Queer-Disabled-Boychick--
> > : gossamer at tertius.net.au http://www.tertius.net.au/~gossamer/
> > : Artificial Intelligence: the art of making computers that behave
> > : like the ones in movies. -- Bill Bulko
>
> Ok, but It can be used by anyone, so a list member can modify the
> administrative options.
?? You said, correctly, the administrator password can be used as password to go
change users' options. That's not at all true in the reverse; user passwords don't
get you admin privileges.
Think of the admin password like the "root" user password; you can do more with it.
And the site password works for even more things (for admin privs on any list,
for example).
More information about the Mailman-Users
mailing list