No edit summary |
→RFC: Protection of Modules: Reply, resolve as no action needed |
||
Line 1: | Line 1: | ||
== RFC: Protection of Modules == | == RFC: Protection of Modules (Resolved: No action needed) == | ||
Having module code be immediately editable by any registered (+automoderated) user of the wiki could present security concerns, if not properly audited. Should additional protections be implemented here? - [[User:LeoCatto|LeoCatto]] ([[User talk:LeoCatto|talk]]) 05:25, 25 January 2024 (UTC) | Having module code be immediately editable by any registered (+automoderated) user of the wiki could present security concerns, if not properly audited. Should additional protections be implemented here? - [[User:LeoCatto|LeoCatto]] ([[User talk:LeoCatto|talk]]) 05:25, 25 January 2024 (UTC) | ||
: According to this, it is pretty safe: https://www.mediawiki.org/wiki/Topic:Sdyxgj3uj96qm3um . However, if you can list some of the attack vectors you're worried about we can do some additional research. [[User:ProbablePrime|ProbablePrime]] ([[User talk:ProbablePrime|talk]]) 05:34, 25 January 2024 (UTC) | : According to this, it is pretty safe: https://www.mediawiki.org/wiki/Topic:Sdyxgj3uj96qm3um . However, if you can list some of the attack vectors you're worried about we can do some additional research. [[User:ProbablePrime|ProbablePrime]] ([[User talk:ProbablePrime|talk]]) 05:34, 25 January 2024 (UTC) | ||
:: Read through that, seems to cover most of my concerns. I suppose the main consideration would still be ensuring that templates and modules like this - which are used widely across many pages. But then again, standard protocol applies, so... guess this is primarily a non-issue. Marking resolved. - [[User:LeoCatto|LeoCatto]] ([[User talk:LeoCatto|talk]]) 06:17, 25 January 2024 (UTC) |
Revision as of 06:18, 25 January 2024
RFC: Protection of Modules (Resolved: No action needed)
Having module code be immediately editable by any registered (+automoderated) user of the wiki could present security concerns, if not properly audited. Should additional protections be implemented here? - LeoCatto (talk) 05:25, 25 January 2024 (UTC)
- According to this, it is pretty safe: https://www.mediawiki.org/wiki/Topic:Sdyxgj3uj96qm3um . However, if you can list some of the attack vectors you're worried about we can do some additional research. ProbablePrime (talk) 05:34, 25 January 2024 (UTC)
- Read through that, seems to cover most of my concerns. I suppose the main consideration would still be ensuring that templates and modules like this - which are used widely across many pages. But then again, standard protocol applies, so... guess this is primarily a non-issue. Marking resolved. - LeoCatto (talk) 06:17, 25 January 2024 (UTC)