[cairo] web updates

Carl Worth cworth at cworth.org
Tue Jun 21 14:31:11 PDT 2011 

On Sat, 18 Jun 2011 11:35:37 +0200, Nis Martensen <nis.martensen at web.de> wrote:
> There is also the problem of resetting/rebasing public repos that
> people pull from. OK, there aren't so many people involved here so
> that should be manageable.

Right. I have been breaking those with my resets.

> On the other hand this is supposed to be an easily editable public wiki.
> Does striving for a clean history really make sense in that context?

We want an easily-editable public wiki, but I also want a nicely
git-editable wiki. The recent state with a long string of spam commits
followed by fixups really is ugly.

Beyond the ugly history, though, in this state it's really hard to know
if the spam is still present or not. I just checked and saw that several
spam URLs were still around after the latest "revert spam" fixup.

So I just did another reset to entirely remove the recent, obvious spam
commits from the history, (and I cherry-picked the three non-spam
commits since the current attack started).

This time I did reset ikiwiki's own checkout as well and manually ran
the post-update hook to regenerate things. Hopefully what I did actually
worked this time. (If not, please let me know and I'll improve my own
instructions for doing this.)

> Only if that doesn't help we should look at further restrictions,
> like only allowing the wiki admin to create wiki accounts, or even
> disabling web editing completely.

Disabling web editing might be the right approach. I've been using
anonymous git pushes (via git-daemon) with a more recent ikiwiki setup I
have on another server (notmuchmail.org). I don't think git-daemon even
had write support when I setup the cairo wiki. (I can also imagine the
freedesktop.org site wranglers would not even consider enabling it.)

Another option is to publish a key that could be used only for ssh-based
pushes to the repository. It would be significantly more work for
legitimate users to make their first wiki edit (compared to now) but
could be quite convenient for future changes. Of course, the same
applies to spammers, but hopefully they wouldn't even bother.

> If someone wants to spend more time, creating a moderation system
> for web edits would be another idea.

I don't have spare cycles for creating a moderation system, but I would
be happy to run it if someone would create it.

Has anyone checked what else other ikiwiki users are doing here?

-Carl

-- 
carl.d.worth at intel.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.cairographics.org/archives/cairo/attachments/20110621/3198cb00/attachment.pgp>

More information about the cairo mailing list