[Koha] Preventing vandalism of the Koha demo sites
Ian Walls
ian.walls at bywatersolutions.com
Thu Mar 25 05:47:02 NZDT 2010
Paul,
This particular vandalism was the embedding of an obscene image in the staff
client main block. It appears to done by an individual human, rather than a
script.
-Ian
2010/3/24 Paul Poulain <paul.poulain at biblibre.com>
> Le 24/03/2010 16:56, Ian Walls a écrit :
>
> Everyone,
>
>
> As many of you know, the Koha demos currently linked to
> koha-community.org are hosted by ByWater Solutions. This morning we
> noticed some offensive vandalism on the main staff page. It has been
> removed, but it's gotten us thinking about how we can secure the demos
> better against such things in the future.
>
> Current thinking is that we should set the database up to refresh from a
> clean copy every hour. This would limit exposure to offensive damage to a
> brief window, but would also mean that anyone taking a tour and adding test
> records may lose them midway through their explorations. A brief note to
> this effect should be put both outside and inside the demo, but it would
> still prove annoying.
>
> Rather than acting unilaterally upon a community resource, we thought it
> would be best to get the community's opinions on how best to handle this.
> Is an hour too narrow a window? Should we only refresh certain tables
> (like systempreferences) and leave others (like biblios or borrowers)? Are
> there other methods we should consider?
>
> My goal is to get this taken care of by the end of the day. If good
> ideas come in after that, though, I am of course willing to change course.
>
> Cheers,
>
> Could you detail what kind of vandalism it was ?
> Was it a scripted attack ? if yes, a simple template improvement could do
> the job on the login page (like "how much is 2x3")?
>
> --
> Paul POULAINhttp://www.biblibre.com
> Expert en Logiciels Libres pour l'info-doc
> Tel : (33) 4 91 81 35 08
>
>
> _______________________________________________
> Koha mailing list
> Koha at lists.katipo.co.nz
> http://lists.katipo.co.nz/mailman/listinfo/koha
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.katipo.co.nz/pipermail/koha/attachments/20100324/b9586791/attachment.htm
More information about the Koha
mailing list