[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ELPA policy
|
From: |
Alex Schröder |
|
Subject: |
Re: ELPA policy |
|
Date: |
Thu, 12 Nov 2015 18:29:30 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (darwin) |
Drew Adams <address@hidden> writes:
> Again: "I post my code to Emacs Wiki (to locked pages)."
>
> But of course that doesn't mean it is uncrackable.
Given that Emacs Wiki currently does not use HTTPS, we should consider
Emacs Wiki insecure. Even then, the admin passwords are shared and there
are no other efforts made to identify editors once they present the
admin password. The current setup only protects against the simplest of
threat models, e.g. spammers, vandals, well-meaning contributors that
want to edit wiki pages instead of informing maintainers, and so on. I
think that's the threat model wiki pages need to defend against, but I
suspect that's not good enough for an inclusion into Emacs Core.
--
Public Key Fingerprint = DF94 46EB 7B78 4638 7CCC 018B C78C A29B ACEC FEAE
- Re: ELPA policy, (continued)
- Re: ELPA policy, John Wiegley, 2015/11/11
- RE: ELPA policy, Drew Adams, 2015/11/11
- Re: ELPA policy, Richard Stallman, 2015/11/11
- RE: ELPA policy, Drew Adams, 2015/11/11
- Re: ELPA policy, Artur Malabarba, 2015/11/11
- Re: ELPA policy, Dmitry Gutov, 2015/11/11
- Re: ELPA policy, Richard Stallman, 2015/11/12
- Re: ELPA policy, Artur Malabarba, 2015/11/12
- Re: ELPA policy, Stephen Leake, 2015/11/12
- RE: ELPA policy, Drew Adams, 2015/11/12
- Re: ELPA policy,
Alex Schröder <=
- Re: ELPA policy, Richard Stallman, 2015/11/12
- RE: ELPA policy, Drew Adams, 2015/11/12
- Re: ELPA policy, Eli Zaretskii, 2015/11/13
- Re: ELPA policy, Richard Stallman, 2015/11/13
- RE: ELPA policy, Drew Adams, 2015/11/13
- Re: ELPA policy, Richard Stallman, 2015/11/13
- Re: ELPA policy, Michael Heerdegen, 2015/11/16
- RE: ELPA policy, Drew Adams, 2015/11/16
- Re: ELPA policy, Richard Stallman, 2015/11/17
- Re: ELPA policy, John Wiegley, 2015/11/17