
Small change:

delRev and repRev are currently documented in TWikiScripts. That documentation should be removed. While security by obscurity is never good security, layers of security are good security.

delRev and repRev should be documented, but not in a visible spot. The code is an obscure enough place.

Cairo had it documented in TWiki.cfg:

#############################################################
##########        Administration notes     ##################
#############################################################
#
# Don't forget to customize also the TWiki.TWikiPreferences topic.
#
# You can alter the most recent revision of a topic using /edit/web/topic?cmd=repRev
#    - use only as a last resort, as history is altered
#    - you must be in TWikiAdminGroup
#    - you will be presented with normal edit box, but this will also include meta
#      information, modify this with extreme care
#
# You can delete the most recent revision of a topic using /edit/web/topic?cmd=delRev
#    - use only as a last resort, as history is lost
#    - you must be in TWikiAdminGroup
#    - fill in some dummy text in the edit box
#    - ignore preview output
#    - when you press save last revision will be deleted
#

-- PTh

There is no need to obscure documentation admin functions when they are protected by a security requirement such as membership of TWikiAdminGroup. Neglecting to document such functions just leads to confusion (it took me ages to work out what the hell the obscure cmd parameter and repRev and delRev were supposed to do when I first encountered them). I do not favour making TWiki hard to understand or maintain. The documentation should remain where it is.

Discarded.

CC

I disagree respectfully (and I anticipated that you would discard this).

These invasive commands should be used with care. Non-administrators should not know about this. There are actually public TWiki installations without authentication enabled where anyone can add himself/herself to the admin group. So layered security is better than single security.

-- PTh

you call that respectfully? gads. considering the huge amount of disagreement you've gotten about the continuing existence of this disgusting 'feature' - especially as there are other better suggestions that you have also brushed aside, you really need to know that respectful is the least correct characterisation.

SD

I absolutely agree they should be used with great care (preferably not at all!) but hiding them is not the way to go. If an admin is unaware of this feature, there is no motive for them to protect against their use; and obscuring the documentation is one way to make sure admins are not aware of the feature. Most decent people I know have never heard of delRev and repRev - including most admins. On the other hand, any footpad will be perfectly aware of their existence, if they have researched possible exploits of TWiki. It's like hiding a spare key to your front door under a flowerpot, and then not telling the rest of your family where it is. The first place a burglar will look is under the flowerpots, but your kids will be locked out on the street!

If you want to fix the documentation, fix it by hanging blinking red danger signs around it and shouting in the admins ears that they have to protect against accidental or malicious use of those commands!

CC
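The posts above argue that an admin has to know these commands exist in order to watch for their accidental or malicious use. As an added example (not code from TWiki or from any poster in this thread), the following Python script scans web-server access logs for edit requests that carry cmd=repRev or cmd=delRev and reports who issued them, from where, and whether the server accepted the request. It assumes Apache "combined" log lines with the authenticated user in the third field and TWiki edit URLs of the form /.../edit/Web/Topic; the log lines, IP addresses and user name below are constructed for illustration.

```python
"""Audit web-server access logs for TWiki's history-altering
cmd=repRev / cmd=delRev edit requests.

Added example, not TWiki code. Assumes Apache combined-log format and
TWiki edit URLs shaped like /<bin>/edit/<Web>/<Topic>. Sample data is
constructed.
"""
import re
from urllib.parse import urlsplit, parse_qs

# Apache "combined" format: ip ident user [time] "request" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# The two commands discussed in the thread; both rewrite topic history.
DANGEROUS_CMDS = {"repRev", "delRev"}

# Constructed sample log lines (not real traffic; "AdminUser" is a placeholder).
SAMPLE_LOG = """\
203.0.113.7 - - [03/Jan/2006:10:14:01 +0000] "GET /twiki/bin/view/Main/WebHome HTTP/1.1" 200 5120 "-" "Mozilla"
203.0.113.7 - AdminUser [03/Jan/2006:10:15:42 +0000] "GET /twiki/bin/edit/Main/SpamTopic?cmd=delRev HTTP/1.1" 200 2048 "-" "Mozilla"
198.51.100.9 - - [03/Jan/2006:10:16:05 +0000] "GET /twiki/bin/edit/Sandbox/TestTopic?cmd=repRev&t=1 HTTP/1.1" 401 512 "-" "curl"
198.51.100.9 - - [03/Jan/2006:10:16:09 +0000] "POST /twiki/bin/save/Sandbox/TestTopic HTTP/1.1" 302 0 "-" "curl"
"""


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def dangerous_cmd(path):
    """Return (web, topic, cmd) when ``path`` is an edit request whose query
    string carries a history-altering cmd value, otherwise None."""
    parts = urlsplit(path)
    m = re.search(r'/edit/([^/]+)/([^/?]+)$', parts.path)
    if not m:
        return None
    cmds = set(parse_qs(parts.query).get("cmd", []))
    hit = cmds & DANGEROUS_CMDS
    if not hit:
        return None
    return m.group(1), m.group(2), sorted(hit)[0]


def audit(log_text):
    """Return one finding per repRev/delRev edit request found in ``log_text``.

    Unauthenticated attempts are reported too (user is None): a rejected
    attempt (e.g. HTTP 401) still tells the admin someone is probing.
    """
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        hit = dangerous_cmd(rec["path"])
        if hit is None:
            continue
        web, topic, cmd = hit
        findings.append({
            "time": rec["time"],
            "ip": rec["ip"],
            "user": None if rec["user"] == "-" else rec["user"],
            "web": web,
            "topic": topic,
            "cmd": cmd,
            "status": int(rec["status"]),
        })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        who = f["user"] or "<unauthenticated>"
        print(f'{f["time"]} {f["cmd"]:6} {f["web"]}.{f["topic"]} '
              f'by {who} from {f["ip"]} (HTTP {f["status"]})')
```

Run against a real access log by passing its contents to audit(); on the sample above it reports one authenticated delRev on Main.SpamTopic and one rejected, unauthenticated repRev attempt on Sandbox.TestTopic. Reviewing the second kind of entry is exactly the check an admin cannot perform if the commands are left out of the documentation.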

I want to fully support Crawford and Sven here.

I often use this secret feature in my current Cairo to delete spam. It is not enough to create a new version of the topic with the spam removed. The spam will still be visible on the older version and give the spammer the links to his rubbish that he wants search engines to index. So this feature is more useful than you may think about for this purpose. But naturally only for the real admins of the TWiki site.

The admin needs to know about the feature. The attackers already know for sure.

KJL

This feature is essential for public sites. I use delRev all the time on TWiki.org to remove vandalism (and in earlier days spam).

OK, let's have it your way to leave the docs as is. This is a disagree and commit thingy for me. I will add some docs in the code though.

-- PTh

ItemTemplate
Summary: Undocument delRev and repRev
ReportedBy: PeterThoeny
Codebase:
SVN Range: Tue, 03 Jan 2006 build 8080
AppliesTo: Engine
Component:
Priority: Urgent
CurrentState: No Action Required
WaitingFor:

Topic revision: r9 - 2006-01-05 - PeterThoeny