#63 Pythons with or without the crypt module (PR#51)
Jitterbug-Id: 51
Submitted-By: harald.meland@usit.uio.no
Date: Thu, 3 Jun 1999 06:02:44 -0400 (EDT)
Version: 1.0rc1
OS: Solaris 2.6
When changing from a Python compiled without the "crypt" module to a Python
compiled
with this module, all (list and site) admin passwords (which have been
encrypted
using the always-available "md5" module) stop working.
Thus, SecurityManager.ValidAdminPassword() and
SecurityManager.CheckSiteAdminPassword() probably should fall back to "md5"
crypting
if "crypt" crypting doesn't success.
As the "crypt" module isn't always available, it doesn't make sense to have a
fall
back the other way around -- e.g. if you have "crypt" crypted your passwords,
you
_will_ lose if you start using a Python without the "crypt" module.
====================================================================
Audit trail:
Fri Jul 09 18:56:04 1999 bwarsaw changed notes
Fri Jul 09 18:56:04 1999 bwarsaw moved from incoming to open
Maybe we should just use md5 all the time since its a standard Python module?
Actually, Mailman should just always use md5 or sha and never use crypt. Not important enough to change for 2.0 final.