Module talk:ProtoFlux: Difference between revisions

Discussion page of Module:ProtoFlux
Open talk for Module:ProtoFlux, re: Safety of unprotected module code.
 
→‎RFC: Protection of Modules (Resolved: No action needed): Fix missing sentence, update post date accordingly
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== RFC: Protection of Modules ==
== RFC: Protection of Modules (Resolved: No action needed) ==


Having module code be immediately editable by any registered (+automoderated) user of the wiki could present security concerns, if not properly audited. Should additional protections be implemented here? - [[User:LeoCatto|LeoCatto]] ([[User talk:LeoCatto|talk]]) 05:25, 25 January 2024 (UTC)
Having module code be immediately editable by any registered (+automoderated) user of the wiki could present security concerns, if not properly audited. Should additional protections be implemented here? - [[User:LeoCatto|LeoCatto]] ([[User talk:LeoCatto|talk]]) 05:25, 25 January 2024 (UTC)
: According to this, it is pretty safe: https://www.mediawiki.org/wiki/Topic:Sdyxgj3uj96qm3um . However, if you can list some of the attack vectors you're worried about we can do some additional research. [[User:ProbablePrime|ProbablePrime]] ([[User talk:ProbablePrime|talk]]) 05:34, 25 January 2024 (UTC)
:: Read through that, seems to cover most of my concerns. I suppose the main consideration would still be ensuring that templates and modules like this; which are used widely across many pages, don't get vandalized. But then again, standard protocol applies, so... guess this is primarily a non-issue. Marking resolved. - [[User:LeoCatto|LeoCatto]] ([[User talk:LeoCatto|talk]]) 06:21, 25 January 2024 (UTC) ''(edited)''

Latest revision as of 06:21, 25 January 2024

RFC: Protection of Modules (Resolved: No action needed)

Having module code be immediately editable by any registered (+automoderated) user of the wiki could present security concerns, if not properly audited. Should additional protections be implemented here? - LeoCatto (talk) 05:25, 25 January 2024 (UTC)

According to this, it is pretty safe: https://www.mediawiki.org/wiki/Topic:Sdyxgj3uj96qm3um . However, if you can list some of the attack vectors you're worried about we can do some additional research. ProbablePrime (talk) 05:34, 25 January 2024 (UTC)
Read through that, seems to cover most of my concerns. I suppose the main consideration would still be ensuring that templates and modules like this; which are used widely across many pages, don't get vandalized. But then again, standard protocol applies, so... guess this is primarily a non-issue. Marking resolved. - LeoCatto (talk) 06:21, 25 January 2024 (UTC) (edited)