More Swiki damage by socp-b.scsnet.com

Andreas Raab Andreas.Raab at gmx.de
Wed Jul 24 23:27:35 UTC 2002 

Moderated Swikis... perhaps not such a bad idea. If we could hand out
"moderation passwords" per page then we should be able to have both,
unmoderated commits (done by people with passwords) and moderated
commits (done by the moderator(s)).

Cheers,
  - Andreas

> -----Original Message-----
> From: squeak-dev-admin at lists.squeakfoundation.org 
> [mailto:squeak-dev-admin at lists.squeakfoundation.org] On 
> Behalf Of Gary Fisher
> Sent: Thursday, July 25, 2002 1:15 AM
> To: squeak-dev at lists.squeakfoundation.org
> Subject: Re: More Swiki damage by socp-b.scsnet.com
> 
> 
> Kevin;
> 
> Having managed a few public message boards myself I agree 
> that the problem
> won't be stopped by simply locking individual accounts or even entire
> domains from the Swikis, but limiting them to list members 
> would in effect
> lock out everyone who either chooses not to join the list or 
> has not yet
> figured out how to do so.  The first group includes many potentially
> valuable contributors who simply don't want the Squeak list's 
> volume, the
> second includes almost every potential new Squeaker.
> 
> Further, since joining the list from a "throwaway account" is 
> just as easy
> as using such an account to deface a Swiki, tying the two 
> together would add
> little security and might bring hooligans onto the list who 
> until now have
> been satisfied with just defacing a web page here and there.
> 
> Perhaps an answer could be found in a combination approach -- 
> rather than
> making edits instantly "live," keep them out of view until approved by
> anyone with the current password, which could be sent with 
> each month's list
> subscriber "reminder" message, the first of which (if I 
> recall correctly)
> arrives the month AFTER someone joins the list (in contrast 
> to the "new
> member welcome message").  The same information could be sent to
> non-members, including teachers and others who might not have time to
> participate in the dev list but would be qualified (and 
> willing) to deal
> with the approval process.
> 
> If that were done, then list members would have full use of 
> the Swikis after
> a few days or weeks on the list, and would share the task of 
> seeing that
> inappropriate changes didn't make it into public view.  
> Qualified Swiki
> users who are not list members would also have access.  
> Casual vandals would
> be unlikely to sit through a few days or weeks of messages in hopes of
> picking up the "password of the month," while useful uploads 
> or edits would
> wait only as long as it took the next list member / password 
> holder to visit
> and decide.
> 
> The main fly in the ointment is that some pages aren't 
> visited as regularly
> as others; the answer to that might be to generate an email 
> notice either to
> the list or an assigned "page editor" if something is left 
> unapproved for
> some set length of time, perhaps 72 hours or less.
> 
> I think this would offer the best balance between the "open" 
> spirit of the
> Swikis and the necessity of keeping some degree of order.
> 
> Gary Fisher
> 
> 
> ----- Original Message -----
> From: "Kevin Fisher" <kgf at golden.net>
> To: <squeak-dev at lists.squeakfoundation.org>
> Sent: Wednesday, July 24, 2002 6:21 PM
> Subject: Re: More Swiki damage by socp-b.scsnet.com
> 
> 
> > Not to be a cynic here (well, I guess it's unavoidable having been a
> sysadmin :)
> > but simply locking out the IP may not put an end to it.  
> After all, AOL
> > throwaway accounts are pretty much free in every cereal box 
> these days.
> >
> > It doesn't seem to me that the vandal in question is going 
> to stop anytime
> > soon, either...someone fixes the swiki, and he wrecks it 
> the next day.
> >
> > Is there any realistic way to allow swiki access based upon 
> membership
> > to this mailing list?  Ideally, we'd be the ones changing 
> it the most.
> >
> >
> > On Wed, Jul 24, 2002 at 01:27:34PM -0700, Ned Konz wrote:
> > > This time it locked the page after damaging it:
> > > http://minnow.cc.gatech.edu/squeak/393
> > >
> > > Isn't there some way to lock out this IP?
> > >
> > > --
> > > Ned Konz
> > > http://bike-nomad.com
> > > GPG key ID: BEEA7EFE
> > >
> > >
> >
> 
>

More information about the Squeak-dev mailing list