[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Apparmor suggestion to include more profiles

On 06/02/2016 01:22 AM, Malte Gell wrote:
> Can a certain wiki site not be restricted to allow only certain people
> to post stuff?

It depends what you mean by 'certain".  If you mean an open one such as
Wikipedia, then probably not, since it's based on 'mass contribution'.

All the Wiki's I've installed have been geared to contributions only by
register/approved users, with granularity of access levels,  For example
any registered user might comment in the comment field, but even so that
may need approval by an editor/moderator, or if not approval then the
possibility of review.

Mainline content is another level of access; that too can be subject to

While all this is S.O.P on things like WordPress blogs, there are many
wiki engines that don't offer such features.  I grew up using the
Perl-based wikis derived from Leuf+Cunningham's original work, like
TikiWiki.  When I encountered the MediaWiki code I was amazed at how
bloated and incapable it was by comparison.

I've used and set up and tested many wikis along the way, from very
public ones to small-fast personal ones; they are great for
documentation and because of what Wikipedia has done, the concept is
familiar to most corporate workers, and they immediately pick up on the
extensions that deal with, for example, comments and feedback that seem
like blogs.

So, yes, in the sense that 'certain' means a site that has been designed
with a capable wiki engine such as FosWiki, and the plugins for the
levels of access control (role based perhaps) and correctly configured,
the answer is yes.  But isn't the issue of "correctly configured" always
a proviso?

     \ / ASCII Ribbon Campaign
      X  Against HTML Mail
     / \
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx