jeanfrederic.wiki at gmail
Apr 8, 2012, 8:04 AM
Post #1 of 3
(105 views)
Permalink
|
|
Upload of OpenDocument files safe?
|
|
Hi dear tech folks,
The MediaWiki 1.18 release notes stated the following:
“(bug 24230 [1]) Uploads of ZIP types, such as MS Office or OpenOffice can
now be safely enabled. A ZIP file reader was added which can scan a ZIP
file for potentially dangerous Java applets. This allows applets to be
blocked specifically, rather than all ZIP files being blocked.”
On the Wikimedia Commons village pump [2], concerns were still raised about
security (some referred to macros specifically).
Brion stated in 2008 that the ZIP issue was the only problem we had with
OpenDocument upload [3], and TheDJ confirmed so in said thread; but let’s
make it super-extra clear as for the technical side:
* Is it completely safe to enable upload of OpenDocument files on Wikimedia
Commons?
* If not, would you advise us to restrict this type of uploads to trusted
users? [4]
With this confirmation, we can quietly discuss on Commons whether we want
this or not :-)
Thanks for your help!
[1] <https://bugzilla.wikimedia.org/show_bug.cgi?id=24230>
[2] <
https://commons.wikimedia.org/wiki/Commons:Village_pump/Archive/2012/03#Enabling_upload_of_ZIP_types.2C_such_as_MS_Office_or_OpenOffice
>
[3] <
http://lists.wikimedia.org/pipermail/wikitech-l/2008-November/040246.html>
[4] in the spirit of <
https://commons.wikimedia.org/wiki/Commons:Restricted_uploads>
--
Jean-Frédéric
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
|
