On Aug 13, 2007, at 6:25 PM, Brad Knowles wrote:
On 8/13/07, Chris Waltham wrote:

Is there a relatively straightforward mechanism to protecting list
archives from prying eyes? From what I can tell, anyone that can
guess the URL of the archives (e.g. www.foo.org/pipermail/listname)
can view the archives of the list, even if they're not a subscriber
to the list.
Make the archives private, and only subscribers will be able to log
in and see it. This is independent of whether or not the list
itself is advertised or not.
Thanks Brad, I got this suggestion privately right about the same
time you sent this one. :-)
Rather than make a .htaccess file for each list, or even disable
archives altogether, what can I do to secure this? This is with
mailman-2.1.9, built-in pipermail on RHEL 4. I have ~ 830 lists with
a couple hundred messages per list, on average.
You shouldn't need to do anything unusual here. For a single list,
you should be able to go to the web admin page for the list, then
go down to the "Archiving Options" section, and click the radio
button to make the archives private as opposed to public, then
click the button at the bottom which says "Submit Your Changes".

Now, for automating this for ~830 lists, you'll probably want to do
that using a "withlist" script and a bit of Python code.
I'll try searching the archives to see if there's a command to do
what I want, otherwise I could just input and output some config
files and run sed over them ;-)


Search Discussions

Discussion Posts


Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 3 of 4 | next ›
Discussion Overview
groupmailman-users @
postedAug 13, '07 at 8:08p
activeAug 19, '07 at 4:38a



site design / logo © 2022 Grokbase