-
-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wiki can be edited by foreigners. #2710
Comments
Github only supports allowing editing either to everyone or to users with push access. We assessed if that really would be a security threat, and it doesn't look so. What harm can be done -- adding wrong packages to installation instructions? Distro repos don't have malicious software in their repos so the abuser wouldn't benefit from that. Github support can block users who do blatantly harmful actions. |
Yes, you can do that. |
I was thinking of some think like |
It won't hurt to ask if in doubt like you just did. So far, http://meatballwiki.org/wiki/SoftSecurity has worked well enough. I only once deleted some inaccurate information -- and it wasn't even actively harmful, just not as helpful as the author probably hoped. |
That's reasonable enough. There are no further objections on my part. Though this policy could be stated somewhere in the Wiki to avoid future confusion. |
And how would one find it? Only if it's on the front page... I think the Contribution guide would be more appropriate. |
Yes, that would be a suitable place. However adding a statement to the plugin page in the Wiki on how to add plugins would be useful too. |
Wiki pages can currently be edited by any Github user which is kind of a Security Threat. It might also lead to misbehaviour of individuals. Instead I would suggest limiting editing to Collaborators.
I also have a question closely linked to this issue. I recently created a pyenv plugin called pyenv-link. I would like to see it being listed in the corresponding section of the Wiki. However I wonder whether I should add it to the list myself.
The text was updated successfully, but these errors were encountered: