2006-11-02T01:47:21 <xorAxAx> revisioned attachments are a security issue: http://www.heise.de/newsticker/meldung/80359
2006-11-02T01:47:24 <xorAxAx> ThomasWaldmann:
2006-11-02T01:47:51 <xorAxAx> so we may need some easy delete function for registered users
2006-11-02T01:48:15 <xorAxAx> (of course connected to acls ...)
2006-11-02T01:52:20 <ThomasWaldmann> that has other problems
2006-11-02T01:59:06 <xorAxAx> which ones?
2006-11-02T02:23:40 <ThomasWaldmann> that some idiots will register and delete stuff
2006-11-02T02:37:06 <anarcat> german translation at google isn't very helpful: http://translate.google.com/translate?u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fmeldung%2F80359&langpair=de%7Cen&hl=en&ie=UTF8
2006-11-02T02:37:17 <anarcat> too bad i suck at german.. :)
2006-11-02T02:38:23 <ThomasWaldmann> anarcat: some idiots spread a virus via wikipedia
2006-11-02T02:39:22 <anarcat> i got that part... how does that affect moin?
2006-11-02T02:39:30 <anarcat> esp revisioned attachments?
2006-11-02T02:39:53 <anarcat> (note how I got that part even before "translating" into english ;)
2006-11-02T02:40:49 <ThomasWaldmann> if you keep old revisions, bad guys can still link to them
2006-11-02T02:41:27 <anarcat> ok, thanks...
2006-11-02T02:42:03 <anarcat> i guess there could be a superuser delete button... which could also apply to page revisions, since there's probably a similar issue with spam (?)
2006-11-02T02:46:58 <ThomasWaldmann> yes, but then you have to wait for the su
2006-11-02T02:49:26 <anarcat> yep...
2006-11-02T02:59:34 <ThomasWaldmann> http://www.xs4all.nl/~egbg/counterscript.html
2006-11-02T03:03:42 <anarcat> heheh
2006-11-02T10:15:24 <xorAxAx> ThomasWaldmann: but thats not happening now either
2006-11-02T10:15:58 <xorAxAx> ThomasWaldmann: we could call it "mark for deletion" and let the superuser decide
2006-11-02T10:16:17 <xorAxAx> a bit like in dbase and imap where you have to expunge :)
2006-11-02T17:01:50 <ThomasWaldmann> yeah, good idea
2006-11-02T20:56:54 <dreimark> ThomasWaldmann:moin account create should always store a password. I do think if non is submitted a random one should be created
2006-11-02T20:59:10 <dreimark> ThomasWaldmann:I'll test tommorrow a patch for that
2006-11-02T21:01:11 <dreimark> In addition I do add account senddata or if you have a better name for that it could be changed it's about sending account login data
2006-11-02T21:07:57 <ThomasWaldmann> maybe account sendmail?
2006-11-02T21:11:08 <dreimark> ok
MoinMoin: MoinMoinChat/Logs/moin-dev/2006-11-02 (last edited 2007-10-29 19:16:28 by localhost)