From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id F417B1381F3 for ; Sun, 16 Jun 2013 10:53:12 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DCFF3E094F; Sun, 16 Jun 2013 10:53:07 +0000 (UTC) Received: from mail.a3li.li (sawfish.a3li.li [89.238.78.10]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C8EE5E07F9 for ; Sun, 16 Jun 2013 10:53:06 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.a3li.li (Postfix) with ESMTP id 38513222725 for ; Sun, 16 Jun 2013 12:53:05 +0200 (CEST) X-Virus-Scanned: amavisd-new at a3li.li Received: from mail.a3li.li ([127.0.0.1]) by localhost (stingray.a3li.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ajSDdh0rSK5h for ; Sun, 16 Jun 2013 12:53:03 +0200 (CEST) Received: from [192.168.2.130] (p5DD57063.dip0.t-ipconnect.de [93.213.112.99]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.a3li.li (Postfix) with ESMTPSA id 96901222715 for ; Sun, 16 Jun 2013 12:53:03 +0200 (CEST) Message-ID: <51BD991C.4040500@gentoo.org> Date: Sun, 16 Jun 2013 12:53:16 +0200 From: Alex Legler User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130418 Thunderbird/17.0.5 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] RFC: Moving project pages to wiki.gentoo.org References: <51B48FA1.9080403@gentoo.org> <51BD387C.4050800@gentoo.org> In-Reply-To: <51BD387C.4050800@gentoo.org> X-Enigmail-Version: 1.6a1pre Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="----enig2OETGTRTBHWEWPIATABFG" X-Archives-Salt: beec8eac-39af-4609-8301-d502156bc613 X-Archives-Hash: c43f4d9dadfdc7b431cb7c76ab11b1e1 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2OETGTRTBHWEWPIATABFG Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 16.06.2013 06:01, "Pawe=C5=82 Hajdan, Jr." wrote: > On 6/9/13 7:22 AM, Alex Legler wrote: >> I'd appreciate some input on below plan to move project pages to the W= iki: >=20 > Alex, thanks for working on this! Some feedback: >=20 > 1. How will the project pages be protected against "unwanted" edits? I > think it's valuable to have some official pages where you know only > Gentoo devs can edit them. The Project: namespace is restricted to only allow users in the developer group to edit. >=20 > 2. How will the staffing needs page be updated after dropping gorg? You create a subpage for each staffing need, filling in information using a form. Semantic magic aggregates these, and you'll get a template to include for your project page to list the ones for your project specifically. >=20 > 3. How secure is the wiki? Do we have regular backups and security > updates procedures in place? I know you're member of the security team > and infra team is doing its job well, but I just wanted to check. > Dynamic web applications arguably have bigger attack surface than > effectively a bunch of static files only editable after you gain server= > access. It's part of the usual infra backup, and I follow upstream release announcements and update accordingly. >=20 > Pawe=C5=82 >=20 >=20 --=20 Alex Legler Gentoo Security/Ruby/Infrastructure ------enig2OETGTRTBHWEWPIATABFG Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJRvZkcAAoJEDa6ZWES7jAAgOEQALgEG+5G0LvfnuOEjFZ9xcV5 obR5M/fIVdTLPPjU3WfUP7EvrS/1vG+1Lh3zRz4CRHJ4LGwiPVkRbvV7yt0kI+jT kmh+ILk1NyykmUkrkHTSH7FdR49bL/s52p2533eQ2KQvlLb7J8SezXl9h0GADY+Q KobL3OKqAe7ZL17VqUq/1/z+qwSt3NnES5DqEu1rBXwKt0Aj3PeFaebIw2KXO/1W +Y5PU07W3PzkXRJ3NdMiNml6rGDI3pWOBsb3hZ7sf2DonsXPZA0IzO//slgZTnSD 9FzlqIBD/NIFO0IQPiJe4wzjEtE/dEnalxKlKRNY+PetLMNL1bak9BynPLtwURZD uydYn+IEVBgpulJOQt4jvUf9htIVPPe42BlTfKEd4FBMTFXcp7TrVBnug84zMBIf Bqhp+VBRtkvmtsOJBXdazWUf0KaTeXqKn4LE8dhWJFImcabsPhJGj2b7wotzTrMt V2WEIYv38/8TC0D3B5o5lOQG13azXtp+LdVUATQEKyPYXI/pQ2efr7GFSG+Tp8i3 Qy+hl3xkyNtlkUtkgfmbJwa71g/7x/ujQpFSk1cYAEscQL9EqquSVtLO7a2hXCvB FgwgpgVLwo2XsM/JziRkYJOVImvMlYGnQ9Vv9UHCAlhIUZMRu7YtVfv5AkZXffTT LmfoW4OV9WNhGUorYaKe =NCTY -----END PGP SIGNATURE----- ------enig2OETGTRTBHWEWPIATABFG--