On 05/11/2012 09:48 AM, Greg Stein wrote:
On Fri, May 4, 2012 at 4:58 AM, Gary<[email protected]> wrote:
Hi
Sorry to seem so suspicious but I guess everyone would be surprised if this
turned out to be a genuine ticket. I am going to assume that it is
malicious. Unless anyone can provide me with a good reason to do otherwise,
I will close the account and find a way of dealing with the ticket. Until
then I suggest that nobody visits the link in the ticket.
I realise that this is, so far, an isolated case at this point but we should
probably consider an appropriate procedure for dealing with these
situations, unless there is already a policy given by the ASF.
There's no special policy. This was obviously spam... you're right in
just closing the thing. "Closing as invalid."
(theoretically, somebody trying to open a valid ticket would re-open)
Cheers,
-g
Good to know, thanks.
We got a couple of spam events this morning too, this time in the wiki.
To deal with this, I have temporarily reduced the permissions for the
general authenticated group of users and added all accounts to an
additional group that provides the edit and create permissions.
I am not advocating at this point that this should become our default
policy and, unless this is actually seen as a better policy, I expect to
return edit and create permissions to all authenticated users in the
near future. One consequence of leaving the permissions in this state is
that a new registration will also need to ask for the edit permissions
to be added to their account.
Cheers,
Gary
