MoinMoinChat/Logs/moin-dev/2006-11-02

2006-11-02T01:47:21  <xorAxAx> revisioned attachments are a security issue: http://www.heise.de/newsticker/meldung/80359
2006-11-02T01:47:24  <xorAxAx> ThomasWaldmann:
2006-11-02T01:47:51  <xorAxAx> so we may need some easy delete function for registered users
2006-11-02T01:48:15  <xorAxAx> (of course connected to acls ...)
2006-11-02T01:52:20  <ThomasWaldmann> that has other problems
2006-11-02T01:59:06  <xorAxAx> which ones?
2006-11-02T02:23:40  <ThomasWaldmann> that some idiots will register and delete stuff
2006-11-02T02:37:06  <anarcat> german translation at google isn't very helpful: http://translate.google.com/translate?u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fmeldung%2F80359&langpair=de%7Cen&hl=en&ie=UTF8
2006-11-02T02:37:17  <anarcat> too bad i suck at german.. :)
2006-11-02T02:38:23  <ThomasWaldmann> anarcat: some idiots spread a virus via wikipedia
2006-11-02T02:39:22  <anarcat> i got that part... how does that affect moin?
2006-11-02T02:39:30  <anarcat> esp revisioned attachments?
2006-11-02T02:39:53  <anarcat> (note how I got that part even before "translating" into english ;)
2006-11-02T02:40:49  <ThomasWaldmann> if you keep old revisions, bad guys can still link to them
2006-11-02T02:41:27  <anarcat> ok, thanks...
2006-11-02T02:42:03  <anarcat> i guess there could be a superuser delete button... which could also apply to page revisions, since there's probably a similar issue with spam (?)
2006-11-02T02:46:58  <ThomasWaldmann> yes, but then you have to wait for the su
2006-11-02T02:49:26  <anarcat> yep...
2006-11-02T02:59:34  <ThomasWaldmann> http://www.xs4all.nl/~egbg/counterscript.html
2006-11-02T03:03:42  <anarcat> heheh
2006-11-02T10:15:24  <xorAxAx> ThomasWaldmann: but thats not happening now either
2006-11-02T10:15:58  <xorAxAx> ThomasWaldmann: we could call it "mark for deletion" and let the superuser decide
2006-11-02T10:16:17  <xorAxAx> a bit like in dbase and imap where you have to expunge :)
2006-11-02T17:01:50  <ThomasWaldmann> yeah, good idea
2006-11-02T20:56:54  <dreimark> ThomasWaldmann:moin account create should always store a password. I do think if non is submitted a random one should be created
2006-11-02T20:59:10  <dreimark> ThomasWaldmann:I'll test tommorrow a patch for that
2006-11-02T21:01:11  <dreimark> In addition I do add account senddata or if you have a better name for that it could be changed it's about sending account login data
2006-11-02T21:07:57  <ThomasWaldmann> maybe account sendmail?
2006-11-02T21:11:08  <dreimark> ok
MoinMoin: MoinMoinChat/Logs/moin-dev/2006-11-02 (last edited 2007-10-29 19:16:28 by localhost)