diff options
| author | Mark Sapiro <msapiro@value.net> | 2011-04-25 16:52:35 -0700 |
|---|---|---|
| committer | Mark Sapiro <msapiro@value.net> | 2011-04-25 16:52:35 -0700 |
| commit | aa8dd12bd7f3c442cdcc702b6bb1d8cabbca7d40 (patch) | |
| tree | e94b411dc9cfcefc5346df1fdff8264f195c43f7 /Mailman/Handlers | |
| parent | 7ef6c582816cb349f240054064d495753a916408 (diff) | |
| download | mailman2-aa8dd12bd7f3c442cdcc702b6bb1d8cabbca7d40.tar.gz mailman2-aa8dd12bd7f3c442cdcc702b6bb1d8cabbca7d40.tar.xz mailman2-aa8dd12bd7f3c442cdcc702b6bb1d8cabbca7d40.zip | |
A new list poster password has been implemented. This password may only
be used in Approved: or X-Approved: headers for pre-approving posts.
Using this password for that purpose precludes compromise of a more
valuable password sent in plain text email. Bug #770581.
Diffstat (limited to 'Mailman/Handlers')
| -rw-r--r-- | Mailman/Handlers/Approve.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/Mailman/Handlers/Approve.py b/Mailman/Handlers/Approve.py index 68f23cf1..9567325a 100644 --- a/Mailman/Handlers/Approve.py +++ b/Mailman/Handlers/Approve.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2010 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2011 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -117,7 +117,8 @@ def process(mlist, msg, msgdata): lines = part.get_payload(decode=True) if re.search(pattern, lines): reset_payload(part, re.sub(pattern, '', lines)) - if passwd is not missing and mlist.Authenticate((mm_cfg.AuthListModerator, + if passwd is not missing and mlist.Authenticate((mm_cfg.AuthListPoster, + mm_cfg.AuthListModerator, mm_cfg.AuthListAdmin), passwd): # BAW: should we definitely deny if the password exists but does not |