[Mailman-Users] sharing administrator passwords
Brad Knowles
brad at shub-internet.org
Tue May 27 07:01:05 CEST 2008
On 5/26/08, Laura Creighton wrote:
> So what people _want_ is a way to log in with a password and then have
> mailman recognise them and make it possible for them to administer all
> the lists they run.
The site admin password can be used to administer any list on the
system. If you turn on the appropriate option in the mm_cfg.py file,
you can even set it up so that you log into one list with the site
admin password and you don't even have to provide a password to log
into any of the other lists -- the cookie set by the first password
login will be recognized by all the other lists.
But there's one and only one site admin password. And whoever has
site admin password can do anything at all that they want to your
Mailman installation -- if it can be done from the web, they can do
it.
You really don't want to be sharing the site admin password with
anyone that you don't trust to have full root level access to your
mail servers.
Which brings us right back to where we were.
--
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
More information about the Mailman-Users
mailing list