[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: wiki on sf
From: |
Etienne Grossmann |
Subject: |
Re: wiki on sf |
Date: |
Fri, 6 Jun 2003 09:12:58 +0100 |
User-agent: |
Mutt/1.3.28i |
Hi,
still more wiki-related questions, thanks for your patience. Some
technical questions and one password-related question.
On Thu, Jun 05, 2003 at 07:44:16PM -0500, Alex Schroeder wrote:
# Etienne Grossmann <address@hidden> writes:
#
# > I don't get it : there is no $ConfigPage in the script (got from
# > http://www.emacswiki.org/current.txt). There's $ConfigPage. Is that
# > what you meant?
#
# The variable $ConfigPage was introduced 2003-06-04. It's default
# value is '' -- ie. there will be no page on the wiki that is executed
# as Perl code. This is good.
Ok, now I saw, in the latest code, that configpage gets the same
treatment as configfile, but it is one of the wiki's pages
(modifiable), while the other is a file outside of the wiki (not
modifiable). Indeed, setting configpage seems to leave a wide open
door.
# > $UseConfig is set and the config file defines $FooterNote, $EditNote,
# > $HomePage, $LogoUrl and $StyleSheet. Is that insecure?
#
# No, that seems very reasonable.
#
# > I set $AdminPass, did
# >
# > http://anonimo.local/cgi-bin-etienne/oddmuse.pl?action=password
# >
# > entered and received a cookie valid until 2005. Until then, I can do
# > anything I like? If I get it correctly, the wiki's owner can add
# > (edit|admin)passwords and communicate them to each developer? Once an
# > editor|administrator logs in, he's in for 2 year?
#
# If the wiki owner changes the passwords, then those users using an old
# password will no longer be administrators. The mechanism is really
# simple: action=password stores the password you used in the cookie,
# and as long as you use this cookie, and the password in the cookie
# matches one of the passwords defined by the wiki owner, you are an
# administrator. When the cookie is created, it is valid for 2 years.
#
# One potential problem is connecting from a public computer and using
# action=password. Then the cookie will be stored on a public computer
# for two years. Personally, this is not a problem for me. Do you
# feel that the cookie with the password should expire after the
# session ends? Currently the username and the password are stored in
Lemmesee : the username comes from the CGI object, not from a
user-filled box. So it is more 'browser information' (e.g. IP) than
actual username. right?
# the same cookie; this change would require using two cookies instead
# of one.
What about a scheme in which, in order to modify a page, you have to
enter a username and a password. Each time someone checks in ('save'
button) a page.
Alternatively, we can leave the wiki just plain open. Anyone can
change anything. How do you restore a page to its old version? (didn't
find it at http://emacswiki.wikiwikiweb.de/cgi-bin/oddmuse.pl).
Cheers,
Etienne
# Alex.
# --
# http://www.emacswiki.org/cgi-bin/alex.pl
#
#
#
# -------------------------------------------------------------
# Octave is freely available under the terms of the GNU GPL.
#
# Octave's home on the web: http://www.octave.org
# How to fund new projects: http://www.octave.org/funding.html
# Subscription information: http://www.octave.org/archive.html
# -------------------------------------------------------------
#
#
#
--
Etienne Grossmann ------ http://www.isr.ist.utl.pt/~etienne
-------------------------------------------------------------
Octave is freely available under the terms of the GNU GPL.
Octave's home on the web: http://www.octave.org
How to fund new projects: http://www.octave.org/funding.html
Subscription information: http://www.octave.org/archive.html
-------------------------------------------------------------
- Re: wiki on sf [was Re: C++ functions], (continued)
- Re: wiki on sf [was Re: C++ functions], D. Goel, 2003/06/04
- Re: wiki on sf [was Re: C++ functions], Etienne Grossmann, 2003/06/04
- Re: wiki on sf [was Re: C++ functions], D. Goel, 2003/06/04
- Message not available
- Re: wiki on sf, Etienne Grossmann, 2003/06/05
- Re: wiki on sf, D. Goel, 2003/06/05
- Re: wiki on sf, Etienne Grossmann, 2003/06/05
- Re: wiki on sf, D. Goel, 2003/06/05
- Re: wiki on sf, Alex Schroeder, 2003/06/05
- Re: wiki on sf, Etienne Grossmann, 2003/06/05
- Re: wiki on sf, Alex Schroeder, 2003/06/05
- Re: wiki on sf,
Etienne Grossmann <=
- Re: wiki on sf, Alex Schroeder, 2003/06/07
- Re: wiki on sf, Etienne Grossmann, 2003/06/09
- Re: wiki on sf, D. Goel, 2003/06/09