[Haskell] Security problem of email registration page
Thomas Jakway
tjakway at nyu.edu
Tue Feb 27 16:23:42 UTC 2018
GNU mailman passwords are explicitly _*NOT*_ secure!
_*DO NOT REUSE MAILING LIST PASSWORDS!*_
They ARE stored in plaintext and will be mailed back to you periodically
on some setups to confirm that you want to remain subscribed.
On 02/25/2018 12:44 AM, 姓名 wrote:
> Hi there,
>
> I become aware of the problem that
> https://mail.haskell.org/mailman/listinfo/haskell send a password to
> http://mail.haskell.org/cgi-bin/mailman/subscribe/haskell. Probably it
> means this page will send a password without encryption. Could you use
> https instead of http, or remove this duplicate page? I had used
> https://mail.haskell.org/cgi-bin/mailman/listinfo/haskell instead.
>
>
> _______________________________________________
> Haskell mailing list
> Haskell at haskell.org
> http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/haskell/attachments/20180227/a6e0ab4f/attachment.html>
More information about the Haskell
mailing list