[Mailman-Users] Password addon

[Mark Sapiro]

Melinda Gilmore wrote:

> I am sorry I was not very clear.    One of our issues is the password
>needed for user to unsubscribe.  It will be a big change at this time from
>what we are using (Listproc).   Someone seems to think there is some addon
>that will disable this?  


You don't need a password to unsubscribe. You only need a password to
unsubscribe without responding to a confirmation email.


>The other issue is that we are used to being able to look at the config 
>file and see the password. The complication is that multiple list 
>owners share a single administrator password --so if one owner forgets 
>the passwored, if we can't look it up for them, then a reset would 
>cause every other owner on the list to NOT know the current password.


Here you are talking about list admin and/or moderator passwords, not
user passwords. User passwords are in fact kept in the list's
configuration file in plain text and can be 'looked up', although not
conveniently. You are correct that the list's admin and moderator
passwords are encrypted and cannot be retrieved in plain text. I know
of no way to avoid the problem you describe above in current Mailman.

If I were in your position, I would just ask one of the other admins
for the password.

Note, that you also have the issue that one admin who knows the
password can change it and lock out the other admins.

This will all change in Mailman 3, but not before. The plan for Mailman
3 is to have a user database separate from the lists. Each user will
have a password (or possibly other authentication method) and roles
such as owner of list1, moderator of list2, member of list1, list2,
list3, list4.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan