Page MenuHomePhabricator
Create Task
Maniphest T118641

Implement proper AAA for lists.wikimedia.org (mailman)
Closed, ResolvedPublic
Actions

Description

Spin off from https://blog.wikimedia.org/2015/11/12/mailman-security-incident/

The security model of mailman was maybe good enough 20 years ago, but is currently very much out of date. AAA stands for Authentication, Authorization and Accounting. In the case of lists:

  • Authentication: Currently I have dozens of lists I am subscribed to with passwords, for admins of lists we have different passwords and these are shared among admins. I should just be able to login with OATH/LDAP or the likes
  • Authorization: If we know who is who we can assign roles (member, moderator, admin, maybe more) to people
  • Accounting: This is for bonus points: Who did what? For example who allowed/denied an email in moderation

I'm pretty sure this isn't available for mailman yet so this isn't going to be easy at all. Two possible approaches:

  • Implement this in Mailman (upstream)
  • Switch to different software with similar functionality

Both major undertakings.

Related Objects
Search...

StatusSubtypeAssignedTask
 ResolvedNoneT118641 Implement proper AAA for lists.wikimedia.org (mailman)
 InvalidNoneT24366 Can subscribe and unsubscribe notices to list admins, and config changes, state who took the action
 ResolvedNoneT52864 Upgrade GNU Mailman from 2.1 to Mailman3
 ResolvedNoneT130554 Official support for upgrade from existing Mailman 2.1 lists to Mailman 3
 ResolvedNoneT256536 Puppetize mailman3
 ResolvedLadsgroupT256542 Puppetize mailman3 web and hyperkitty (mailman archiver)
 ResolvedMarosteguiT256538 Create test databases for mailman3
 ResolvedNoneT256539 Figure out a way to sync old and new mailman
 ResolvedLegoktmT256541 Fix the problem with gravatar and mailman3
 DeclinedLadsgroupT276687 Backport hyperkitty 1.3.4 for buster
 Resolvedbd808T257270 Request creation of mailman VPS project
 ResolvedLadsgroupT258365 Setup Mailman3 in Cloud VPS
 Resolvedbd808T286344 Request for creating a DNS record for lists.wmcloud.org to 185.15.56.28
 ResolvedLegoktmT276686 Requesting a test VM in production for mailman3
 DeclinedNoneT276697 Implement central logging for mailman3
 ResolvedDzahnT276712 Request for creation of mailman3-roots group
 ResolvedLegoktmT277263 Enable CSP for mailman3
 ResolvedLegoktmT277286 Make puppet for mailman3 ready for production
 ResolvedLegoktmT278280 Setup monitoring for mailman3
 ResolvedLegoktmT278352 Figure out dkim for mailman3
 ResolvedLadsgroupT278609 Import several public mailing lists archives from mailman2 to lists-next to measure database size
 ResolvedLegoktmT278610 Install mailman3 on lists1001.wikimedia.org
 ResolvedLadsgroupT278612 Install mailman3 and mailman2 at the same time on the cloud
 ResolvedMarosteguiT278614 Create production databases for mailman3
 ResolvedLadsgroupT280322 Upgrade mailing lists from mailman2 to 3 in batches
 DuplicateNoneT284045 Still getting "lists.wikimedia.org mailing list memberships reminder" email

Event Timeline

Multichill created this task.Nov 14 2015, 1:12 PM
Multichill raised the priority of this task from to Needs Triage.
Multichill updated the task description. (Show Details)
Multichill added a project: Wikimedia-Mailing-lists.
Multichill added subscribers: Multichill, Akoopal.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptNov 14 2015, 1:12 PM
Multichill added a project: Security-General.Nov 14 2015, 1:14 PM
Multichill set Security to None.
Krenair subscribed.Nov 14 2015, 2:07 PM

Have you checked Mailman 3?

KTC subscribed.Nov 14 2015, 7:02 PM
-jem- subscribed.Nov 19 2015, 11:40 AM
Ariconte subscribed.Nov 19 2015, 11:43 AM
Krenair moved this task from Backlog to Shell/site on the Wikimedia-Mailing-lists board.Jan 13 2016, 1:39 AM
jeremyb-phone renamed this task from Implement proper AAA for lists.wikimedia.org (mailman to Implement proper AAA for lists.wikimedia.org (mailman).Jan 30 2016, 4:32 PM
jeremyb-phone updated the task description. (Show Details)
jeremyb-phone added a subscriber: jeremyb.
Nemo_bis added a project: Upstream.Feb 11 2016, 7:53 AM
Nemo_bis added a subtask: T24366: Can subscribe and unsubscribe notices to list admins, and config changes, state who took the action.Feb 11 2016, 8:04 AM
Phabricator_maintenance added a project: acl*security.Sep 20 2018, 9:14 AM
Restricted Application added a project: SRE. · View Herald TranscriptSep 20 2018, 9:14 AM
MoritzMuehlenhoff triaged this task as Medium priority.Sep 25 2018, 9:19 AM
Phabricator_maintenance moved this task from Backlog to Acknowledged on the SRE board.Jan 26 2019, 8:24 PM
Aklapper removed a project: Security-General.Dec 13 2019, 10:46 AM
chasemp added a project: Security.Feb 10 2020, 10:59 PM
chasemp removed a project: acl*security.Feb 20 2020, 8:08 PM
Legoktm added a subtask: T52864: Upgrade GNU Mailman from 2.1 to Mailman3.Mar 25 2021, 9:55 PM
Legoktm subscribed.

The first two As will definitely be addressed by mailman3. I'm not sure about Accounting, but that was bonus points anyways. I would encourage you to test out the mailman3 test installation and file specific tasks for missing features.

Legoktm moved this task from Shell/site to Mailman2 limitations on the Wikimedia-Mailing-lists board.Apr 28 2021, 4:38 AM
Ladsgroup closed subtask T52864: Upgrade GNU Mailman from 2.1 to Mailman3 as Resolved.Jun 1 2021, 3:40 PM
Ladsgroup closed this task as Resolved.Jun 1 2021, 6:03 PM
Ladsgroup subscribed.

Tentatively calling this done given that we now have mailman3, reopen if you think mailman3 doesn't satisfy AAA

Multichill added a comment.Jun 2 2021, 9:01 PM
In T118641#7127096, @Ladsgroup wrote:

Tentatively calling this done given that we now have mailman3, reopen if you think mailman3 doesn't satisfy AAA

Well done getting that implemented

Effeietsanders awarded a token.Jun 7 2021, 7:37 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits