[BALUG-Admin] time to change list ... passwords

Wed Apr 15 13:34:47 PDT 2009

Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):

> 1. once upon a time the "Moderator" password was set.  The one I had in
> my notes was, I believe, passed to me the same time the "Admin" password had
> been much earlier passed to me.  I'm also fairly certain "way back then"
> I verified that each password worked on each of the lists.  Seems "Moderator"
> password/functionality is disabled (as we desire it), as A) I checked, and
> the old "Moderator" password no longer works, and B) the GUI admin stuff
> quite effectively states that the "Moderator" role only works if both a
> password is set for it, and an email is set for "Moderator" - and I
> checked and all three lists have no email set for "Moderator" - so I believe
> that effectively disables any "Moderator" capability or login

If you'll please indulge me for a minute, there's a fine point on which 
I'll want to correct the above explanation.  This matter actually applies 
equally to Mailman's "moderator" and "listadmin" concepts.  Please
pardon a brief departure into Mailman neepery, which I'll indulge
because it's the one key area in Mailman administration that most
confuses people.

A lot of the documentation claims (as above) that the roles work only if
someone has the related password and his/her e-mail address is set for
that role.  That's actually not true.

In fact, the matters of whose e-mail addresses are listed for those
roles, and who has those passwords, are completely orthogonal.  They 
concern different, if related, things:

1.  Your e-mail address being listed for a role just means you receive
    e-mailed notices that something new has landed in the admin queue
    (and summary reminders about the queue).

2.  Your possessing the related password means you can get access to 
    the admin screens.

Anyone citing the "moderator" password at a mailing list's admin prompt 
(on the Web) can see and act on the administrative queue.

Anyone citing the "listadmin" password at a mailing list's admin prompt
(on the Web) can _both_ see and act on the administrative queue _and_
can modify the way the mailing list as a whole operates (and carry out 
other actions on the list, up to and including its deletion).

Getting the "something's just landed in the queue" notices but lacking
the password (and thus not being able to do anything about them) would
be maddening and pointless.  That seldom happens.

The other scenario, of possessing the moderator and/or listadmin
password but not receiving the notices, _that_ happens frequently, 
generally because people pass the passwords around, or people used
to receive the notices but removed themselves but still possess the 
still-unchanged password, or something like that.