[Bf-committers] Probe Message Privacy Issue

Dan McGrath danmcgrath.ca at gmail.com
Thu Mar 1 17:29:39 CET 2018

>Gotta love mailman :)

I know, right! It's such a horribly old system. I just had to answer
someone about it mailing back clear text passwords, because mailman.... ;p

> Mailing list subscribers are already exposed on the list member page on
> lists.blender.org. I am unsure if they page is protected by a script, but
> they are available to anyone to see in a browser.

I have no idea who originally configured our mailing lists, and each list
could have potentially been configured by a different person.  Keep in mind
that these lists go back over a decade in some cases.  In general, it was
likely configured either by Marco Walraven (former admin I took over from),
Nathan Letwory (former admin), or even Ton (Ton is Ton!) himself.  Whomever
it was, didn't close off the subscribers list to the public, but for
unknown reasons.

There may have been reasons that the members list was opened that are since
lost to the archives of time. Personally, I think it should be closed to
anyone other than staff (admins/moderators), but Ton, in general, tends to
like things to be open and free and less policed etc., so perhaps he wants
it to be this way? Who would I be to reverse such a decision! If it's okay
with Ton, I think it wouldn't be a big deal to go through and disable this
feature for all of our lists (honestly, it is a horrible privacy concern,


Dan McGrath

More information about the Bf-committers mailing list