[pydotorg-www] [PSF-Members] [Infrastructure] Wiki news?
Neil Schemenauer
neil at python.ca
Fri Jan 18 19:59:04 CET 2013
[PSF list removed]
On 2013-01-18, M.-A. Lemburg wrote:
> In other words, the backdoor will likely have been open for
> several months.
My thanks to all the work put in by volunteers. Has there been any
consideration given to using different wiki software? It's my
impression that MoinMoin has a quite poor record with regard to
security:
http://moinmo.in/SecurityFixes
The abundance of past holes doesn't predict future ones but in
general there seems to be a correlation. Whatever software we use,
keeping the wiki separated (e.g. in its own VM) is definitely a good
idea. Anytime you allow remote users to create content the risks
are high.
Regards,
Neil
More information about the pydotorg-www
mailing list