Great Circle Associates Majordomo-Users
(September 2001)
 


Subject: Re: Master password file was: (Quickie)
From: Daniel Liston <dliston @ netscape . com>
Date: Mon, 03 Sep 2001 01:16:15 -0500
To: "Joe R. Jah" <jjah @ cloud . ccsf . cc . ca . us>
Cc: Majordomo-Users <majordomo-users @ GreatCircle . COM>
References: <Pine.BSI.4.05L.10108312114130.28085-100000@cloud.ccsf.cc.ca.us>

"Joe R. Jah" wrote:
> 
> On Fri, 31 Aug 2001, Dan Liston wrote:
> 
> > By old functionality, I am referring to the listname.passwd file getting
> > written to.  Being someone that still uses the deprecated listname.passwd
> > file, and not for the "master password", I can have the best of both worlds
> > by adding a "newpasswd" command that does what the old "passwd" command did
> > pre-passwd.0 patch.
> 
> That's really not a functionality, but a procedure.  What is your purpose
> in writing to listname.passwd file?  What do you get out of it?  Let me
> try to explain why that procedure is deprecated:
> 
> After receiving the command:
> 
>         passwd <listname> <oldpass> <newpass>
> 
> Majordomo uses valid_passwd function in majordomo.pl to verify <oldpass>.
> That function checks BOTH the contents of listname.passwd and the value of
> admin_passwd in listname.config.  Anyone who knows one of the passwords
> can change them both, and has full access to the entire list, so you
> cannot delegate control to some of your lists without giving away full
> control to all of your lists;(

This is not exactly true.  It assumes that the listname.passwd file is being
used as a link to a master password for all lists, rather than just one.  Also
consider that unless a "newpasswd" command is issued, the listname.passwd
file would never exist.  Once the file is created, there is still the extra
work of removing the password from the .config file, and the awareness to
leave it blank in the future.
 
> Most list owners forget, or don't know, that they have passwords in two
> files; they change a compromised password in one file, without realizing
> that the old password would still be as valid as ever.  They'll have to
> change the password in both files; more chores;(  Allowing list owners to
> write to listname.passwd files creates more problems than it solves.

True, list-owners must be "aware", and you make an excellent point regarding
compromised security.  I also had not considered users having no way to get
rid of the file once it is created, without majordomo-owner intervention.
The more I think about the extra hassle involved, the more I think I should
just enjoy the passwd.0 patch.
 
> You won't get any benefit from the "old functionality" other than a backup
> password file, in case you ruin your list.config file by using a poor mail
> program, or simply being careless;)  Remember, there is always a Majordomo
> owner at your service;^)  List owners remember that before any password in
> any file;)))  Thanks to Bill Houle, there is also Majorcool.  Your list
> owners will be grateful not having to deal with the scary proposition of
> editing their configuration files and mailing them;)

You have convinced me not to try/do what I was going to.  I have seen the
error of my ways. :)

Dan Liston
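
The thread's concern, that a list can hold a valid password in both listname.passwd and the admin_passwd setting of listname.config, can be checked with a short audit. The script below is an added example, not part of the original message and not Majordomo code. It assumes config lines of the form `admin_passwd = value` with `#` comment lines, that the first line of listname.passwd is the password, and it uses constructed sample files.

```python
import os
import re
import tempfile

# Assumed config syntax: "admin_passwd = value"; '#' starts a comment line.
ADMIN_RE = re.compile(r"^\s*admin_passwd\s*=\s*(.*?)\s*$")

def config_password(path):
    """Return the admin_passwd value from a listname.config, or '' if unset."""
    value = ""
    with open(path, encoding="latin-1") as fh:
        for line in fh:
            if line.lstrip().startswith("#"):
                continue
            m = ADMIN_RE.match(line)
            if m:
                value = m.group(1)  # last assignment in the file wins
    return value

def file_password(path):
    """Return the first line of listname.passwd, or '' if missing or empty."""
    if not os.path.isfile(path):
        return ""
    with open(path, encoding="latin-1") as fh:
        return fh.readline().strip()

def audit(lists_dir):
    """Map list name -> 'dual-same' or 'dual-different' for two-store lists."""
    findings = {}
    for entry in sorted(os.listdir(lists_dir)):
        if not entry.endswith(".config"):
            continue
        name = entry[:-len(".config")]
        cfg = config_password(os.path.join(lists_dir, entry))
        pwf = file_password(os.path.join(lists_dir, name + ".passwd"))
        if cfg and pwf:  # both stores hold a password for this list
            findings[name] = "dual-same" if cfg == pwf else "dual-different"
    return findings

def demo():
    """Build a constructed lists directory and audit it."""
    with tempfile.TemporaryDirectory() as d:
        files = {"alpha.config": "# constructed\nadmin_passwd = new-secret\n",
                 "alpha.passwd": "old-secret\n",
                 "beta.config": "admin_passwd = only-here\n",
                 "gamma.config": "admin_passwd =\n", "gamma.passwd": "pw\n"}
        for fname, body in files.items():
            with open(os.path.join(d, fname), "w") as fh:
                fh.write(body)
        return audit(d)
```

A `dual-different` result is the case described in the quoted text: the password was changed in one file while the other file still holds a second value.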


