Omar Thameen wrote:
>
> This is both a heads-up and a question. When you use Majorcool to change
> the list passwd, it changes the passwd in the file listname.passwd.
> Is this intended?
The passwd stuff was tricky because it had to support use as both the
now-deprecated file and as an admin backdoor. I won't make any
guarantees about the accuracy of the code, but here's what it was
*supposed* to do (and was what configuration I used successfully). This
was described in the 1.3.2 ChangeLog:
As an admin backdoor, the .passwd file, symlinked or otherwise, MUST BE
READ-ONLY.
If the .passwd file is not read-only, then MajorCool assumes that the
list owner is allowed to change it and the "passwd" command is used.
After all, if it is not read-only, then it could be changed by emailing
a "passwd" command just as easily, so no sense blaming MajorCool...
However, if the .passwd file is read-only, then MajorCool assumes it is
an administrative back-door and will not touch it. It instead converts
to a more complex "newconfig" command and updates the passwd within the
config file.
As for the interface supporting both passwords for access, this is
actually Majordomo's doing (the valid_passwd() routine). Definitely
intentional.
The fact that MajorCool hides the the password from the config file is
really a configurable item.
--bill
References:
|
|
