https://bugzilla.wikimedia.org/show_bug.cgi?id=34150
--- Comment #1 from badon <fastgoldf...@gmail.com> 2012-02-02 20:54:18 UTC --- I think like a template programmer. A better way to handle security is to set permissions for users and groups in LocalSettings.php. That's probably the best place to configure whether mass-auto-created pages have a particular property associated with them, or not. Doing it in LocalSettings.php will prevent intentional circumvention by a malicious user trying to implement a Denial of Service attack by spamming the wiki to death with mass-auto-creates. The hashed-password idea should probably be done in PHP too, configured in LocalSettings.php, or in some administrator-only Special page, with data stored in the database. It would be trivial for a malicious user to hack out password checking code from a template. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
