[Mailman-Users] Firefox password issue (was: Re: Hijacking threads and netiquette ... )
Brad Knowles
brad at stop.mail-abuse.org
Tue Sep 5 23:32:55 CEST 2006
At 4:17 PM -0500 2006-09-05, David Dyer-Bennet wrote:
> Now *that* really pissed me off. The page linked from the "help"
> button on the FAQ edit page says "What is the password? The webmaster
> will tell you the password if you ask nicely."
Right. In private e-mail, not on a public forum.
Moreover, the password is displayed at the bottom of every one of those pages.
> I really don't much
> like scavenger-hunt-as-security-metaphor, but maybe that help should
> be updated somehow to suggest the real situation more accurately.
Security through obscurity is not my favourite solution, either. But
this method has been enough to keep the worst of the spammers out so
far, and with the wiki already being in place and working, I don't
imagine that anyone is going to be going back to the old FAQ Wizard
code and hacking that up to work in a different way.
However, that's a standard Python FAQ Wizard which is used by
multiple other projects and not just Mailman, so maybe you could talk
to the authors of that tool and suggest some alternatives.
> I'll be updating the new FAQ with one more point, the Firefox bug
> number (closed for 2.0) referring to this problem, and posting it
> shortly. Unless yet *another* booby-trap trips me up yet *again*.
I'll keep an eye out for it.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
Founding Individual Sponsor of LOPSA. See <http://www.lopsa.org/>.
More information about the Mailman-Users
mailing list