[GDB Wiki] Add editor privilege control

[GDB Wiki] Add editor privilege control

[Joel Brobecker]

Hello,

I'd like to protect our wiki from spammers who regularly use it
for their own purposes by adding read,write,delete,revert privileges
to only known members of the GDB community. The model I'd like
to follow is the model used in the GDB Wiki. See:

    http://gcc.gnu.org/wiki/EditorGroup

The idea is that we start with a list of people who are allowed
to edit. If anyone who's a legitimate contributor wants to edit
the wiki as well, one of the users already in the group simply adds
their name to the list.

As far as I can tell from my reading of MoinMoin's documentation,
this should be doable by first creating a group, which is done by
creating a page whose name ends in Group.

After that, I think we'll need to tweak the wiki configuration
in order to have the ACL apply site-wide:

    http://moinmo.in/HelpOnConfiguration#acl

We would remove all-but-read privileges to "All", and provide
all privileges of members of the EditorGroup.

Thoughts?

Thank you,
-- 
Joel

Re: [GDB Wiki] Add editor privilege control

[Eli Zaretskii]

> Date: Fri, 14 Feb 2014 07:07:59 +0400
> From: Joel Brobecker <brobecker@adacore.com>
> 
> I'd like to protect our wiki from spammers who regularly use it
> for their own purposes by adding read,write,delete,revert privileges
> to only known members of the GDB community. The model I'd like
> to follow is the model used in the GDB Wiki. See:
> 
>     http://gcc.gnu.org/wiki/EditorGroup
> 
> The idea is that we start with a list of people who are allowed
> to edit. If anyone who's a legitimate contributor wants to edit
> the wiki as well, one of the users already in the group simply adds
> their name to the list.

Why does it make sense to have a wiki that doesn't behave like a wiki,
i.e. is not a community-provided content?  IOW, how is what you
propose different from having this stuff on the GDB project web pages,
which are editable by only a few select people?

Re: [GDB Wiki] Add editor privilege control

[Joel Brobecker]

> Why does it make sense to have a wiki that doesn't behave like a wiki,
> i.e. is not a community-provided content?  IOW, how is what you
> propose different from having this stuff on the GDB project web pages,
> which are editable by only a few select people?

It would be editable by anybody, they would just have to show
that they are a real person without spamming intentions. The way
it would work is that anyone already in the edit group can add
anyone else by just editing a wiki page and adding the new user's
ID to the list, thereby vouching for them. It's still community-fed,
but just a little more controlled to make sure that only genuine
modifications are made.

As an example: I needed to make a change in the GCC wiki,
found that I cannot edit. Saw that there was a note about that
pointing me to the EditorGroup page. It told me that anyone
on that list can add someone else. So I contacted a couple of
people on the list I knew and they added me pronto.

If you haven't done so, I invite you to check out GCC's EditorGroup
page:

   http://gcc.gnu.org/wiki/EditorGroup

It really shows how simple it is to maintain that list and add
new people. The list currently has 52 people, and no question
was ever asked when I got added.

I would also welcome anyone to participate in the maintenance
of the GDB web pages as well. I even recently wrote a small
wiki page explaining how to make updates to it.
https://sourceware.org/gdb/wiki/GDBWebsiteUpdateProcedure

-- 
Joel

Re: [GDB Wiki] Add editor privilege control

[Stan Shebs]

On 2/13/14 7:07 PM, Joel Brobecker wrote:
> Hello,
> 
> I'd like to protect our wiki from spammers who regularly use it
> for their own purposes by adding read,write,delete,revert privileges
> to only known members of the GDB community. The model I'd like
> to follow is the model used in the GDB Wiki. See:
> 
>     http://gcc.gnu.org/wiki/EditorGroup
> 
> The idea is that we start with a list of people who are allowed
> to edit. If anyone who's a legitimate contributor wants to edit
> the wiki as well, one of the users already in the group simply adds
> their name to the list.

I considered that a while back, when learning enough about MoinMoin
to suck in the old internals manual, but decided against it; we
don't have very many spammers to begin with, and the antispam
subsystem forestalls most of those, with the net effect that we've
had to do only two manual reverts in the past three months.

If we were getting multiple spams per day, limiting to registered
members would make sense, but right now it doesn't seem necessary.

Stan
stan@codesourcery.com

Re: [GDB Wiki] Add editor privilege control

[Doug Evans]

On Fri, Feb 14, 2014 at 10:35 AM, Stan Shebs <stanshebs@earthlink.net> wrote:
> On 2/13/14 7:07 PM, Joel Brobecker wrote:
>> Hello,
>>
>> I'd like to protect our wiki from spammers who regularly use it
>> for their own purposes by adding read,write,delete,revert privileges
>> to only known members of the GDB community. The model I'd like
>> to follow is the model used in the GDB Wiki. See:
>>
>>     http://gcc.gnu.org/wiki/EditorGroup
>>
>> The idea is that we start with a list of people who are allowed
>> to edit. If anyone who's a legitimate contributor wants to edit
>> the wiki as well, one of the users already in the group simply adds
>> their name to the list.
>
> I considered that a while back, when learning enough about MoinMoin
> to suck in the old internals manual, but decided against it; we
> don't have very many spammers to begin with, and the antispam
> subsystem forestalls most of those, with the net effect that we've
> had to do only two manual reverts in the past three months.
>
> If we were getting multiple spams per day, limiting to registered
> members would make sense, but right now it doesn't seem necessary.

Yeah, I guess it's a question of what threshold of spam needs to be
crossed before we take this step.
I'm ok with taking the step.  I don't have a strong opinion on whether
now is the time.

Re: [GDB Wiki] Add editor privilege control

[Joel Brobecker]

> > If we were getting multiple spams per day, limiting to registered
> > members would make sense, but right now it doesn't seem necessary.
> 
> Yeah, I guess it's a question of what threshold of spam needs to be
> crossed before we take this step.
> I'm ok with taking the step.  I don't have a strong opinion on whether
> now is the time.

Neither do I, so I will not push the idea further unless it starts
gathering a little more support.

Thanks for the feedback, All!

-- 
Joel

Re: [GDB Wiki] Add editor privilege control

[Frank Ch. Eigler]

Hi -

stanshebs wrote:

> [...]  If we were getting multiple spams per day, limiting to
> registered members would make sense, but right now it doesn't seem
> necessary. [...]

With the present scheme, effective spam fighting requires ongoing
manual operations by you / tromey / whoever.  

Plus, the present scheme enables any spammer to create a moinmoin
userid, create a junk page, then leave.  The problem is that every
such junk user bogs the wiki software down more and more: there are
some 4000 now, with 10+/day new ones coming.  (Over at gcc/glibc,
before a cleanup, we had almost a hundred thousand (!), which was
enough to cause cgi/http timeouts to valid users.)  Cleaning *those*
up is difficult without a whitelist such as the EditorGroup.

- FChE

Re: [GDB Wiki] Add editor privilege control

[Joel Brobecker]

> With the present scheme, effective spam fighting requires ongoing
> manual operations by you / tromey / whoever.  
> 
> Plus, the present scheme enables any spammer to create a moinmoin
> userid, create a junk page, then leave.  The problem is that every
> such junk user bogs the wiki software down more and more: there are
> some 4000 now, with 10+/day new ones coming.  (Over at gcc/glibc,
> before a cleanup, we had almost a hundred thousand (!), which was
> enough to cause cgi/http timeouts to valid users.)  Cleaning *those*
> up is difficult without a whitelist such as the EditorGroup.

That's really useful feedback, thank you!

I also find it compelling that we have had a number of reverts done
the last few weeks, which is not huge, but larger than the twice-per-
quarter average we were counting on.

-- 
Joel

Re: [GDB Wiki] Add editor privilege control

[Joel Brobecker]

> > With the present scheme, effective spam fighting requires ongoing
> > manual operations by you / tromey / whoever.  
> > 
> > Plus, the present scheme enables any spammer to create a moinmoin
> > userid, create a junk page, then leave.  The problem is that every
> > such junk user bogs the wiki software down more and more: there are
> > some 4000 now, with 10+/day new ones coming.  (Over at gcc/glibc,
> > before a cleanup, we had almost a hundred thousand (!), which was
> > enough to cause cgi/http timeouts to valid users.)  Cleaning *those*
> > up is difficult without a whitelist such as the EditorGroup.
> 
> That's really useful feedback, thank you!
> 
> I also find it compelling that we have had a number of reverts done
> the last few weeks, which is not huge, but larger than the twice-per-
> quarter average we were counting on.

Stan - we keep getting hit by spam on the wiki, and I really don't
see a reason not to protect ourselves against it. Do you agree?

Frank - Do you know what would need to be done at the technical
level to protect ourselves? I would think we first create a EditorGroup
page in the wiki, then add the corresponding group and its privileges
in the wiki's configuration, right? Or can everything be done directly
from the wiki? Anything else we should be doing?

Thanks,
-- 
Joel

Re: [GDB Wiki] Add editor privilege control

[Jonas Maebe]

On 09 Apr 2014, at 14:53, Joel Brobecker wrote:

> Frank - Do you know what would need to be done at the technical
> level to protect ourselves? I would think we first create a  
> EditorGroup
> page in the wiki, then add the corresponding group and its privileges
> in the wiki's configuration, right? Or can everything be done directly
> from the wiki? Anything else we should be doing?

A very useful protection against spammers for our wiki that I've found  
is using the stopforumspam.com blacklist. It's specifically geared at  
stopping wiki/forum spammers and works much better than more generic  
blacklists such as the Spamhaus XBL. Here's how to use it in MediaWiki/ 
PHP:

if(isset($_SERVER['remote_addr']) && ereg('yes', file_get_contents('http://www.stopforumspam.com/api?ip=' 
  . $_SERVER['remote_addr'])))
{
   <it's a blacklisted IP>
}

I know neither PHP nor Python very well (I got the above code from  
somewhere else), so I can't translate it, but I'm sure you get the  
gist. As long as you
a) forbid editing by anonymous users
b) perform the above check at account creation time and whenever  
someone tries to add a link to an article

you should be pretty safe. I've had only 3 potentially bogus account  
registrations and not a single instance of spam on our wiki since I  
started using that blacklist 10 days ago. You can use it freely,  
except if you have more than 20000 queries per day (we have about 200  
account creation attempts per hour on average, sometimes spiking to  
over a 1000). In that case you should download snapshots of their  
database and use that instead, as explained at http://www.stopforumspam.com/downloads/


Jonas

Re: [GDB Wiki] Add editor privilege control

[Frank Ch. Eigler]

Hi -

On Wed, Apr 09, 2014 at 05:53:30AM -0700, Joel Brobecker wrote:
> [...]
> Frank - Do you know what would need to be done at the technical
> level to protect ourselves? I would think we first create a EditorGroup
> page in the wiki, then add the corresponding group and its privileges
> in the wiki's configuration, right? [...]

That's about it.  Y'all can draft the EditorGroup page, then let me
know when to flip the acl switches.  The initial syntax is:

#acl EditorGroup:read,write,delete,revert All:read
#format wiki
#language en
Members of this group are allowed to edit the wiki. This is a community maintained list. As a member of EditorGroup you can add other users to this list but by doing so you vouch for them.

 * UserName
 * OtherUserName
 * YetAnotherUserName
 

- FChE

Re: [GDB Wiki] Add editor privilege control

[Stan Shebs]

On 4/9/14 5:53 AM, Joel Brobecker wrote:
>>> With the present scheme, effective spam fighting requires ongoing
>>> manual operations by you / tromey / whoever.  
>>>
>>> Plus, the present scheme enables any spammer to create a moinmoin
>>> userid, create a junk page, then leave.  The problem is that every
>>> such junk user bogs the wiki software down more and more: there are
>>> some 4000 now, with 10+/day new ones coming.  (Over at gcc/glibc,
>>> before a cleanup, we had almost a hundred thousand (!), which was
>>> enough to cause cgi/http timeouts to valid users.)  Cleaning *those*
>>> up is difficult without a whitelist such as the EditorGroup.
>>
>> That's really useful feedback, thank you!
>>
>> I also find it compelling that we have had a number of reverts done
>> the last few weeks, which is not huge, but larger than the twice-per-
>> quarter average we were counting on.
> 
> Stan - we keep getting hit by spam on the wiki, and I really don't
> see a reason not to protect ourselves against it. Do you agree?

Yes, it's getting into the annoying range.  Spammers must be passing
around our textcha answers, and they're using subjects that are not
on MoinMoin's already-lengthy list of known spam types.

So, time for the whitelist.  As a bonus, we can turn off the textcha.

Stan

Re: [GDB Wiki] Add editor privilege control

[Joel Brobecker]

> That's about it.  Y'all can draft the EditorGroup page, then let me
> know when to flip the acl switches.  The initial syntax is:
> 
> #acl EditorGroup:read,write,delete,revert All:read
> #format wiki
> #language en
> Members of this group are allowed to edit the wiki. This is a community maintained list. As a member of EditorGroup you can add other users to this list but by doing so you vouch for them.
> 
>  * UserName
>  * OtherUserName
>  * YetAnotherUserName

Thanks, Frank. I just created the EditorGroup page, using the user
names from all legitimate change for the past month or so, but
purposefully leaving myself out of the list for testing. Would you
mind turning the ACLs on, so we can see how well it works with me?

Thanks!
-- 
Joel