Andrew Stuart writes:

> From a security perspective, should even salted and hashed passwords
> stay behind the API, or might there be a need for something
> on the other side of the API to access that field?
At present the REST API is available only on localhost (at least by default), so it's not that big a risk (yes, I understand defense in depth, but there's a need of corresponding importance). In the absence of a proper authz/authn module inside of Mailman itself, I don't see a real alternative to making that data available to mailman.client, and thus making it possible for other user apps (HyperKitty, Postorius) to get authorization to access a specific user's data.

In the long run we need to do something about this. However, Mailman has operated based on passing around *cleartext* passwords by *email* for decades, with no serious issues that I know of. If Barry is serious about World Domination, we need to fix this, but I don't see a huge hurry.

Steve

_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/
Security Policy: http://wiki.list.org/x/QIA9
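The alternative the thread is weighing, keeping the salted hash behind the API and letting client apps ask only "does this password match?", is sketched below as an added example. It is not Mailman's or mailman.client's code; the record layout, field names, `api_view` and `verify_password` functions, and the PBKDF2 work factor are all assumptions made for illustration.

```python
"""Added illustration (not Mailman's code): keep salted-hash material behind
the API boundary and expose only a verify operation to REST clients."""
import hashlib
import hmac
import os

# Work factor chosen for this example; a real deployment tunes this.
ITERATIONS = 200_000

# Field names a REST layer must never serialize for clients (assumed names).
SENSITIVE_FIELDS = frozenset({"salt", "password_hash"})


def make_record(username: str, password: str) -> dict:
    """Construct a user record holding a random salt and a PBKDF2-HMAC-SHA256
    hash of the password; the cleartext password is never stored."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {
        "username": username,
        "email": f"{username}@example.invalid",  # constructed sample value
        "salt": salt,
        "password_hash": digest,
    }


def api_view(record: dict) -> dict:
    """The representation the REST layer hands to clients: every field except
    the salt and hash, so a client holding the REST credentials still cannot
    read or offline-crack password material."""
    return {k: v for k, v in record.items() if k not in SENSITIVE_FIELDS}


def verify_password(record: dict, candidate: str) -> bool:
    """Server-side check that a client app would call instead of reading the
    hash itself; the caller learns only True or False. compare_digest avoids
    leaking how many bytes matched through timing."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), record["salt"], ITERATIONS
    )
    return hmac.compare_digest(digest, record["password_hash"])


if __name__ == "__main__":
    rec = make_record("alice", "correct horse battery staple")
    print(api_view(rec))
    print(verify_password(rec, "correct horse battery staple"))  # True
    print(verify_password(rec, "wrong guess"))                   # False
```

With this split, the question of which apps may read a user's record (the authz problem Steve describes) is separated from the question of who can see hash material, which nobody outside the core needs.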