Re: [Chicken-users] wiki spam merging issue
This makes sense. However, since spam is apparently bypassing authorization --the index page can't be edited anonymously--and also logging, I was concerned there is a more critical underlying problem. It might even affect more than the index page. I have upgraded the version of Svnwiki in Galinha and will try to keep an eye on it. It's strange that on conflicts it is not managing to revert the index file out of conflicts. I suspect there may be a bug in the underlying svn libraries. We'll see what happens now. If you see any other problems with the wiki, please bring them to my atention. Thanks. Alejo. http://azul.freaks-unidos.net/ ___ Chicken-users mailing list Chicken-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/chicken-users
Re: [Chicken-users] wiki spam merging issue
On Feb 16, 2008 6:32 AM, Jim Ursetto [EMAIL PROTECTED] wrote: Hi, It appears that authorized, legitimate wiki edits to random pages are causing simultaneous commits to the 'index' page, which consists of spam in the form of an SVN merge conflict. Can someone look into this? I think Alejandro would be the one. cheers, felix ___ Chicken-users mailing list Chicken-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/chicken-users
Re: [Chicken-users] wiki spam merging issue
On Feb 17, 2008 12:22 AM, felix winkelmann [EMAIL PROTECTED] wrote: On Feb 16, 2008 6:32 AM, Jim Ursetto [EMAIL PROTECTED] wrote: Hi, It appears that authorized, legitimate wiki edits to random pages are causing simultaneous commits to the 'index' page, which consists of spam in the form of an SVN merge conflict. Can someone look into this? I think Alejandro would be the one. Actually, why don't we simply disable web-editing of the index page? It seems to be the only one that's heavily spammed, and it shouldn't very often be modified by the casual user. Wasn't there some svn property that one could set? cheers, felix ___ Chicken-users mailing list Chicken-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/chicken-users
Re: [Chicken-users] wiki spam merging issue
This makes sense. However, since spam is apparently bypassing authorization --the index page can't be edited anonymously--and also logging, I was concerned there is a more critical underlying problem. It might even affect more than the index page. On 2/16/08, felix winkelmann [EMAIL PROTECTED] wrote: Actually, why don't we simply disable web-editing of the index page? It seems to be the only one that's heavily spammed, and it shouldn't very often be modified by the casual user. ___ Chicken-users mailing list Chicken-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/chicken-users
Re: [Chicken-users] wiki spam merging issue
problem is as follows, methinks: when something fails auth, it still is saved to a reject file, just like normal svn. the problem is that once something succeeds in auth, then any rejects are automatically appended. now, we cant just get rid of rejects in the event that someone mistypes their password or something, cause then theyd lose all their changes. this leads to one of two possible solutions: a) bind rejects to an ip. only merge in rejects from the same ip. (not as good) b) require auth before getting to edit page. of the two, b seems much cleaner, and avoids the problem of merges even from non-webpage edits. -elf On Sat, 16 Feb 2008, Jim Ursetto wrote: This makes sense. However, since spam is apparently bypassing authorization --the index page can't be edited anonymously--and also logging, I was concerned there is a more critical underlying problem. It might even affect more than the index page. On 2/16/08, felix winkelmann [EMAIL PROTECTED] wrote: Actually, why don't we simply disable web-editing of the index page? It seems to be the only one that's heavily spammed, and it shouldn't very often be modified by the casual user. ___ Chicken-users mailing list Chicken-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/chicken-users ___ Chicken-users mailing list Chicken-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/chicken-users
[Chicken-users] wiki spam merging issue
Hi, It appears that authorized, legitimate wiki edits to random pages are causing simultaneous commits to the 'index' page, which consists of spam in the form of an SVN merge conflict. Check `svn log index` and notice that quite a few recent commits follow this pattern. For example, svn diff -r8490:8491 was a change via svnwiki to the http wiki page, with a logged in user, but this also added spam to the index page in the same changeset. This has happened several times over the past few days. My working assumption is that multiple changes are being batched into one update and piggybacked on the logged-in user's commit. Even though the index page requires authentication, it still somehow gets through. Perhaps the server is being assaulted by spambots, enough to trigger a rare condition. Can someone look into this? ___ Chicken-users mailing list Chicken-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/chicken-users
