[SAC] Mailing list Administrative Passwords
Tyler Mitchell
tylermitchell at shaw.ca
Fri Jan 5 17:11:48 EST 2007
That sounds like a good approach to me. Managing all these passwords
is a nightmare without a central system like LDAP.
I am also pulling myself off of the lists as an administrator, but
fear that some admins don't really realise what they should be
doing. I think we need to revisit some lists and change default
settings - especially turning on auto-reject posts from non-list
members, etc. We may also need to give a tutorial for some list
admins. Note that any "Project Owners" from the old infrastructure
were instantly made list admins through our upgrade.
Tyler
On 3-Jan-07, at 8:05 AM, Daniel Morissette wrote:
> Frank Warmerdam wrote:
>> Normally I don't like communal passwords but it seems to me that
>> "list
>> security" is not terribly important and mailman doesn't *seem* to
>> offer an
>> easy option for LDAP based administration as far as I know (does it?)
>
> How'bout setting up HTTP Basic authentication (i.e. good old web
> browser password prompt) on http://lists.osgeo.org/mailman/* to
> require authenticated users for all the mailman admin scripts (I
> believe that's admin and admindb but there may be others) and
> leaving the other public scripts (i.e. listinfo, options and
> others?) not password-protected.
>
> The HTTP Basic authentication could likely pull login names from
> LDAP to check for authorized list admins, and then you could safely
> use a communal password for the mailman password prompt.
>
> Daniel
> --
> Daniel Morissette
> http://www.mapgears.com/
> _______________________________________________
> Sac mailing list
> Sac at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/sac
More information about the Sac
mailing list