[security flaw] Ubuntu is a plain text offender
- From: "Amedee Van Gasse" <amedee-ubuntu@xxxxxxxxx>
- Date: Mon, 23 May 2011 15:34:54 +0200 (CEST)
On Mon, May 23, 2011 14:50, Amedee Van Gasse wrote:
On your membership page, you can change various delivery options such
as your email address and whether you get digests or not. As a
reminder, your membership password is
*CENSORED*
Also, why does Canonical store the mailing list passwords in plain text? I
use lots of different passwords so it's not a big security problem for me.
But I still find this one of the biggest WTFs in the Mailman software.
I might even file a bug report. Or add to the already existing bug report:
https://bugs.launchpad.net/mailman/+bug/266821
I just added my comments to the bug report.
Next I'm going to submit Ubuntu to the website that showcases plain text
offenders: http://plaintextoffenders.com
Ubuntu should stop using an insecure version of Mailman. Now.
--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
- Follow-Ups:
- Re: [security flaw] Ubuntu is a plain text offender
- From: Chuck Peters
- Re: [security flaw] Ubuntu is a plain text offender
- From: Kent Borg
- Re: [security flaw] Ubuntu is a plain text offender
- References:
- [OT] mails with exclamation marks + mailman security flaw
- From: Amedee Van Gasse
- [OT] mails with exclamation marks + mailman security flaw
- Prev by Date: Re: [OT] mails with exclamation marks + mailman security flaw
- Next by Date: Re: [OT] mails with exclamation marks + mailman security flaw
- Previous by thread: Re: [OT] mails with exclamation marks + mailman security flaw
- Next by thread: Re: [security flaw] Ubuntu is a plain text offender
- Index(es):
Relevant Pages
|
