[OSM-talk] Mailing list security
Tom Hughes
tom at compton.nu
Sat Nov 25 16:31:50 UTC 2017
On 25/11/17 15:37, Colin Smale wrote:
>
>
> On 25 November 2017 16:04:45 CET, "Éric Gillet" <gill3t.3ric+osm at gmail.com> wrote:
>> Another point : This password is not secure, but what the worst that
>> could
>> happen with it ? As long as one don't reuse it on other applications
>> (as
>> warned during registration), the only action an attacker could do would
>> be
>> to unsubscribe you. Not really catastrophic
> ...until it is hacked and thousands of passwords are stolen. If even one of those leads to something serious, I am not sure that saying "I told you so 10 years ago when you signed up" will be enough to absolve the operators of liability.
>
> I will open a ticket as suggested.
There's really not much point - we will upgrade as and when the packages
in Ubuntu are upgraded. We're not going to be installing from source.
Upgrading to mailman 3 is a massive job anyway - it's basically a
completely different piece of software. Or rather it's now about five
separate pieces of software that you have to install and connect up.
Tom
--
Tom Hughes (tom at compton.nu)
http://compton.nu/
More information about the talk
mailing list