[pmwiki-users] pmwiki with hostile users?
W Randolph Franklin
pmwiki at wrfranklin.org
Wed Oct 28 07:48:22 CDT 2009
Hi,
Is it safe to allow write access to pmwiki groups to users who might try
to break it or break in?
I've enjoyed using pmwiki for several years for my home page, for
members of my research groups and to present course material to my
classes. See http://wrfranklin.org/
Some students like what they see so much that they've asked to use a
pmwiki group for their term project. Indeed, I'd like all my students
to post their progress reports on it.
However, some of these students might try to test the system's limits.
Potentially hostile people with write access to single pages or entire
groups is a stronger threat than potentially hostile people with only
read access.
Am I opening myself or our web server to risks?
Is there a difference between giving the students access to single pages
vs to an entire group?
I haven't enabled separate farms, and would rather not have the hassle.
However, is that worth it?
I'm thinking of not allowing upload access; students can link to images
on their personal web directories.
Thanks.
/W. Randolph Franklin
P.s. my spell checker just suggested replacing 'pmwiki' with 'homework' ?!
More information about the pmwiki-users
mailing list