Re: [fossil-users] warning: bots injecting spam into fossil-hosted wikis

2016-01-21 Thread Carlo Miron
On 21 Jan 2016 22:47, "Warren Young" wrote:
> 2b. developer: Gains all permissions removed above that weren’t given to reader. May also gain additional permissions besides those not removed above, resulting in alphabet soup flavors such as the ever popular bcdefghikmnotw. (Now 20% off with

Re: [fossil-users] warning: bots injecting spam into fossil-hosted wikis

2016-01-21 Thread Warren Young
On Jan 21, 2016, at 5:21 AM, Richard Hipp wrote:
>
> On 1/21/16, Stephan Beal wrote:
>>
>> - make sure that the 'anonymous' user cannot write to the wiki
>
> I wonder if we could come up with a "security checklist" page of some
> kind that would guide admins through these steps, and perhaps ot

Re: [fossil-users] warning: bots injecting spam into fossil-hosted wikis

2016-01-21 Thread Warren Young
On Jan 21, 2016, at 5:15 AM, Stephan Beal wrote:
>
> In one of the cases, someone appended non-trivial text directly relevant to
> the (obscure) topic of the wiki page, indicating that this was (at least in
> part) a person, not a bot.

That sounds like the default ‘m’ permission on the anonymo

Re: [fossil-users] warning: bots injecting spam into fossil-hosted wikis

2016-01-21 Thread Richard Hipp
On 1/21/16, Stephan Beal wrote:
>
> - make sure that the 'anonymous' user cannot write to the wiki (nor tickets
> - a prior attack targeted my ticketing system, injecting spam tickets).
>
> - use /reports?view=byuser to make sure that 'anonymous' hasn't made any
> changes. If he shows up in the /r

[fossil-users] warning: bots injecting spam into fossil-hosted wikis

2016-01-21 Thread Stephan Beal
Hi, all, i recently discovered that, apparently due to incorrect permissions, a spambot (or person) had gotten ahold of several of my repos and replaced _small_ bits of wiki text with links to remote sites. Nothing important was modified/compromised, but i did have to go back and fish out some old ve