[COLUG] Wiki in colug space -- was untitled Re: colug]
Duane
duane at cacert.org
Tue Jul 11 11:22:36 EDT 2006
R P Herrold wrote:
> I do not understand the need for the colug to reinvent provisioning this
> wheel, nor to expose its stable environment to the ongoing exploits
> which wiki's seem to produce weekly. Johnny Hughes (centos builder) colo
> box' web content was cracked over the weekend by a Syrian, seemingly,
> through the wiki he ran. The twiki security mailing list has weekly
> exploits; the vendor-sec list shows more; and vuln-dev lots and lots. I
> find the (obvious) risk exposure not worth the (unseen to me) reward.
How's this any different to any other web software that is poorly coded?
I'd say it's unfair to make the sweeping statements you have and claim
all wikis are insecure just because one seems to be and was the cause of
problems for someone.
While I agree with you about wikis being over used, they can be somewhat
useful in some cases, usually when people are forced to register to make
changes, and even then it can be a pita to make sure people stick to
facts and not emotively charged beliefs...
--
Best regards,
Duane
http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://e164.org - Because e164.arpa is a tax on VoIP
"In the long run the pessimist may be proved right,
but the optimist has a better time on the trip."
More information about the colug432
mailing list