On Fri, 2006-05-12 at 16:19 -0500, Johnny Hughes wrote:
> On Fri, 2006-05-12 at 16:48 -0400, William L. Maltby wrote:
> > On Fri, 2006-05-12 at 20:47 +0100, Karanbir Singh wrote:
> > > William L. Maltby wrote:
> > > > <snip>
> > I don't even like it that your (CentOS's) monthly reminder to me is sent
> > with password unencrypted... and I am the only user here. If I could
> > post my public key and have that monthly reminder encrypted, I'd do it.
> >
>
> You can turn it off in your preferences for the list in mailman:
> http://lists.centos.org/mailman/options/centos
I know. Just haven't gotten around to it.
>
> > > access to emails being sent to that address, its sort of academic
> > > getting the passwd anyway ( click on forgot passwd, new passwd emailed
> > > out ...etc )
> >
> > Well, it's too bad that we can't make all access via SS* w/no passwords
> > required. But a new one-time-only-use password (IOW, it must be changed
> > on first use and w/i a specified time interval) isn't too bad.
> >
> We didn't write mailman ... nor did we write the probe e-mail that it
> sends.
I *know* that. It was not a personal or project attack. But the answer
to my concern that was posted (it is sent to... so... <equiv to
everything's probably OK>) got one of my feet on the soap box.
:-( Didn't mean to seem critical.
All that not withstanding, I believe we can't be to relaxed about
security and even *dumb* concerns (as mine might be) are worth noting or
discussing.
> <snip sig stuff>
Thanks,
--
Bill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.centos.org/pipermail/centos/attachments/20060512/553d1c42/attachment.bin
