On Thu, Jun 26, 2014 at 8:03 AM, Andre Klapper <aklap...@wikimedia.org> wrote:
> On Thu, 2014-06-26 at 16:17 +0200, Bartosz Dziewoński wrote: > > I feel like this would result in a ton of reports that say "YOU CAN > > DEFACE THE MAIN PAGE!!!" which is editable, if not protected, because > > it's a wiki. > > This. > I have seen several 'bug reports' in Mozilla Bugzilla by 'security > researchers' about source code of projects being exposed on Mozilla's > servers. Clearly a security breach. What does "FOSS" stand for? > > So it boils down to "how to keep clueless people out", to be rough. > > Heck, we get it to security@ pretty often. Just had one a few weeks ago saying "If I append a ?title=foo param it changes the page title!" -Chad _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l