From: Jonas Maebe
To: Joel Brobecker
Cc: "Frank Ch. Eigler", Stan Shebs, gdb@sourceware.org
Subject: Re: [GDB Wiki] Add editor privilege control
Date: Wed, 09 Apr 2014 13:12:00 -0000
Message-Id: <42515698-A91E-47AB-8FDB-27036DA72E40@elis.ugent.be>
In-Reply-To: <20140409125330.GA21704@adacore.com>

On 09 Apr 2014, at 14:53, Joel Brobecker wrote:

> Frank - Do you know what would need to be done at the technical
> level to protect ourselves? I would think we first create a EditorGroup
> page in the wiki, then add the corresponding group and its privileges
> in the wiki's configuration, right? Or can everything be done directly
> from the wiki? Anything else we should be doing?

A very useful protection against spammers for our wiki that I've found is using the stopforumspam.com blacklist. It's specifically geared at stopping wiki/forum spammers and works much better than more generic blacklists such as the Spamhaus XBL. Here's how to use it in MediaWiki/PHP:

    // Ask stopforumspam.com whether the client address is listed
    if (isset($_SERVER['REMOTE_ADDR']) &&
        preg_match('/yes/', file_get_contents('http://www.stopforumspam.com/api?ip=' . $_SERVER['REMOTE_ADDR']))) {
        // listed address: refuse the account creation or edit here
    }

I know neither PHP nor Python very well (I got the above code from somewhere else), so I can't translate it, but I'm sure you get the gist.

As long as you

a) forbid editing by anonymous users
b) perform the above check at account creation time and whenever someone tries to add a link to an article

you should be pretty safe. I've had only 3 potentially bogus account registrations and not a single instance of spam on our wiki since I started using that blacklist 10 days ago.

You can use it freely, except if you have more than 20000 queries per day (we have about 200 account creation attempts per hour on average, sometimes spiking to over 1000). In that case you should download snapshots of their database and use that instead, as explained at http://www.stopforumspam.com/downloads/

Jonas
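
Added example, not part of the message above and not code from the GDB wiki or stopforumspam.com: a Python sketch of the policy in points a) and b), checked against a locally loaded snapshot instead of one API query per request. The function names, the action strings and the one-address-per-line snapshot format are assumptions; the sample addresses are constructed from documentation ranges.

```python
import ipaddress

# Constructed sample snapshot. Assumption: one IP address per line.
SAMPLE_SNAPSHOT = """\
192.0.2.15
198.51.100.7

not-an-ip
2001:db8::bad
"""

def normalize(addr):
    """Parse an address and unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(addr.strip())
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip

def load_snapshot(lines):
    """Build an in-memory set of listed addresses, skipping junk lines."""
    listed = set()
    for line in lines:
        try:
            listed.add(normalize(line))
        except ValueError:
            continue  # blank or malformed line
    return listed

def decide(listed, remote_addr, *, logged_in, action, adds_link=False):
    """Return 'allow' or 'deny' for one wiki request (hypothetical hook)."""
    if action == "edit" and not logged_in:
        return "deny"  # (a) anonymous users may not edit
    # (b) check at account creation and whenever an edit adds a link
    needs_check = action == "create_account" or (action == "edit" and adds_link)
    if not needs_check:
        return "allow"
    try:
        ip = normalize(remote_addr)
    except ValueError:
        return "deny"  # unparseable client address: this sketch fails closed
    return "deny" if ip in listed else "allow"

LISTED = load_snapshot(SAMPLE_SNAPSHOT.splitlines())
```

Normalizing IPv4-mapped IPv6 matters when the web server reports clients as ::ffff:a.b.c.d, since a plain string comparison against an IPv4 list would miss them.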