Skip to Content.
Sympa Menu

en - Re: Sympa 3.0, DEL, ADD and auth

Subject: The mailing list for listmasters using Sympa

List archive

Chronological Thread  
  • From: Aumont - Comite Reseaux des Universites <address@concealed>
  • To: Carsten Clasohm <address@concealed>
  • Cc: address@concealed
  • Subject: Re: Sympa 3.0, DEL, ADD and auth
  • Date: Fri, 17 Sep 1999 12:20:23 +0200

Carsten Clasohm notice about the version 2.3.0 :

> While the new scenari are nice, I think the default for ADD and DEL is
> a bit dangerous. If I specify "auth md5" for an owner in the list
> configuration, Sympa 3.0 overrides this with scenari/add.default. The
> result is that anyone using the right sender address can use ADD/DEL,
> without any authentification being done. (Because the *.default files
> are links to *.owner for ADD/DEL.)

That's true. You highlighted a problem. In fact, previous concept of
authentication properties defined by owner was bad. It's not coherent
to define MD5 authentication only for one of the owners.
What we need is to define the security level for each command. This
can be down by scenari.

Now we need to update the documentation and remove the owner parameter
as soon as all owner's commands will be implemented by scenari.

Regards
Serge Aumont



  • Re: Sympa 3.0, DEL, ADD and auth, Aumont - Comite Reseaux des Universites, 09/17/1999

Archive powered by MHonArc 2.6.19+.

Top of Page