Kevin Kofler <kevin.kofler@xxxxxxxxx> writes: > Another unfortunate side effect of that password expiration: mail to > username@xxxxxxxxxxxxxxxxx bounces for those people who haven't renewed > their password in time. This is also a security risk because it means > people can commit bad things to their packages without them noticing. (I > just got such a bounce for the commit message for a rebuild for broken > dependencies.) Ick. Surely that's a flat-out bad idea, independently of what you think of forced password changes. Mail should only be disabled for dead accounts, and an account that is the maintainer of record for a live package had better not be considered dead, even if its password is (temporarily?) expired. regards, tom lane -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
