This is not a "bug" but more a security concern.
SYMPA generates a one_time_ticket link when sending emails waiting to be moderated.
These links look like http://domain/sympa/ticket/xxxxxxxxxxxxxx
They allow you to review / validate / reject the message waiting to be moderated.
But, this is my main concern, it also auto authenticates you to the sympa web interface.
Someone intercepting this moderation email is authenticated as the user, and this should not happen, because with this you can manage the list, post to the list as the user and so on.
This one time link is also kinda weak for an autologin link (14 random numbers).
Version
Installation method
Expected behavior
This link should allow you to manage the email waiting to be moderated and nothing more. It should not give you a valid user session.
Actual behavior
This link auto-logs you in to the user session and gives you all its user rights.
Steps to reproduce
Additional information
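As an added illustration of the expected behavior described in this report (not Sympa's own code; the store, names and lifetime are hypothetical), the following Python sketch shows a one-time ticket that is bound to a single moderation action, expires, is consumed on first use, and returns an authorization for that action only, never a user session. It also shows the entropy gap the report points at: 14 decimal digits give about 46.5 bits, whereas `secrets.token_urlsafe(32)` gives 256 bits.

```python
import hmac
import math
import secrets
import time

# Hypothetical lifetime for a moderation ticket; a policy choice, not a Sympa value.
TICKET_TTL_SECONDS = 7 * 24 * 3600


def entropy_bits_of_decimal_digits(n_digits):
    """Bits of entropy in n uniformly random decimal digits (14 digits -> ~46.5 bits)."""
    return n_digits * math.log2(10)


class TicketStore:
    """Server-side store of one-time tickets: token -> scope + expiry (constructed example)."""

    def __init__(self, now=time.time):
        self._now = now  # injectable clock so expiry can be tested
        self._tickets = {}

    def issue(self, list_name, message_id, moderator_email):
        # 32 random bytes -> 256 bits of entropy (43 URL-safe characters).
        token = secrets.token_urlsafe(32)
        self._tickets[token] = {
            "scope": ("moderate", list_name, message_id),  # bound to one pending message
            "moderator": moderator_email,
            "expires": self._now() + TICKET_TTL_SECONDS,
        }
        return token

    def redeem(self, presented_token, list_name, message_id):
        """Return an authorization for exactly one moderation action, or None.

        The returned dict carries no session: the bearer may only act on this message.
        """
        if not isinstance(presented_token, str) or not presented_token.isascii():
            return None
        match = None
        for stored in self._tickets:  # constant-time compare against each stored token
            if hmac.compare_digest(stored, presented_token):
                match = stored
        if match is None:
            return None
        entry = self._tickets.pop(match)  # single use: consumed even if later checks fail
        if self._now() > entry["expires"]:
            return None
        if entry["scope"] != ("moderate", list_name, message_id):
            return None  # ticket for another list/message cannot be redirected
        return {"action": "moderate", "list": list_name, "message_id": message_id,
                "on_behalf_of": entry["moderator"], "session": None}
```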