Hi,
same thing here. A lot of usergroups "accept" social media but in regards to data privacy like to avoid it. Although technical not true people might believe that Facebook & Co have access to the data in a local mailman install.
I would like to disable it to but havent yet the time to dive into it.
+1 for site wide disabling
Regards
Hagen
On 12.02.19 17:11, Stephen J. Turnbull wrote:
Note: I've changed the order of sentences from Torge's post to fit my responses.
Torge Riedel writes:
I do agree, same here on my side. Lot's of my users are very "sensitive" to social media and don't want see them here.
This is the first I've heard of this. Obviously it's fairly widespread; *please* speak up if anyone have similar issues that we haven't addressed. AFAIK all of the currently active Mailman developers believe that social auth is a GoodThang[tm], so we're unlikely to DTRT as you see it without your help.
I need to migrate from mailman2 to mailman3 and was wondering why social accounts are enabled by default
By default Mailman 3 is social media: you have a profile, you can be searched in the indicies of the archives, and so on. The large auth providers provide more secure authentication, and a lot of convenience for users who have such accounts already. They also take some administrative burden off the list and site managers when people lose their passwords and forget what their subscription address is, and similar scenarios. Clearly, these are not universally-valued features, but I think that they justify the current defaults.
and are difficult to disable.
They're easy enough to disable (easy to recognize and just add a hash character in front), since you have to edit settings_local.py to install anyway. If you're using a packaged version and the package configuration utility doesn't handle it, there's nothing we can do about it. The distro will have to deal with that.
It should be better documented, I imagine (haven't checked yet).
I propose something like an additional setting listing the enabled social accounts.
Do you mean in the Postorius administration interface? If so, do you want it by-site, by-domain, or by-list? ("You" is everybody who wants to disable social auth, not just Torge!)
If you mean in settings_local.py, I suggested something similar earlier. It's not obvious it would be easy to do (sometimes these things are order-dependent, though that's bad practice).
And if the admin is setting this to an empty value in the settings_local.py everything is disabled
Because the settings are a Python module, this is the way settings_local.py works anyway. That's why Mark suggested editing INSTALLED_APPS.
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/