[Koha] Preventing vandalism of the Koha demo sites

Ian Walls ian.walls at bywatersolutions.com
Thu Mar 25 06:33:41 NZDT 2010


Eric,


That seems like a good way to deal with not wiping out someone's active
data, while still keeping the database clean.  I'll look into it.

Thanks!


-Ian

On Wed, Mar 24, 2010 at 1:19 PM, Eric Bégin <Eric.Begin at inlibro.com> wrote:

>  Thank you Ian for letting us know.
>
> My suggestion would be to reset the database every hour only if there was
> no active sessions in the last <timeout syspref value> seconds.
>
> How that sounds?
>
> Eric
>
> Josh Westbrook wrote:
>
> I think if you listed at what time the database resets, that would be
> fine.  Something like, the database resets at the top of every hour, or on
> every even hour, etc.  Awhile back I took a look at the Bywater demos and
> there was something questionable in the news section then too.  I can't
> remember what it was exactly - but it obviously shouldn't have been there.
>
> Josh Westbrook
> Prescott Library Mngr/District Technology Mngr
> Walla Walla County Rural Library District
> joshw at wwrurallibrary.com
> http://www.wwrurallibrary.com
>
>
> 2010/3/24 Ian Walls <ian.walls at bywatersolutions.com>
>
>> Everyone,
>>
>>
>>  As many of you know, the Koha demos currently linked to
>> koha-community.org are hosted by ByWater Solutions.  This morning we
>> noticed some offensive vandalism on the main staff page.  It has been
>> removed, but it's gotten us thinking about how we can secure the demos
>> better against such things in the future.
>>
>>  Current thinking is that we should set the database up to refresh from a
>> clean copy every hour.  This would limit exposure to offensive damage to a
>> brief window, but would also mean that anyone taking a tour and adding test
>> records may lose them midway through their explorations.  A brief note to
>> this effect should be put both outside and inside the demo, but it would
>> still prove annoying.
>>
>>  Rather than acting unilaterally upon a community resource, we thought it
>> would be best to get the community's opinions on how best to handle this.
>>  Is an hour too narrow a window?  Should we only refresh certain tables
>> (like systempreferences) and leave others (like biblios or borrowers)?  Are
>> there other methods we should consider?
>>
>>  My goal is to get this taken care of by the end of the day.  If good
>> ideas come in after that, though, I am of course willing to change course.
>>
>>  Cheers,
>>
>>
>>  -Ian Walls
>> Lead Developer
>> ByWater Solutions
>>
>> _______________________________________________
>> Koha mailing list
>> Koha at lists.katipo.co.nz
>> http://lists.katipo.co.nz/mailman/listinfo/koha
>>
>>
> ------------------------------
>
> _______________________________________________
> Koha mailing listKoha at lists.katipo.co.nzhttp://lists.katipo.co.nz/mailman/listinfo/koha
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.katipo.co.nz/pipermail/koha/attachments/20100324/ac9bf1f6/attachment-0001.htm 


More information about the Koha mailing list