Our company has a MediaWiki installation under a directory, protected at the Apache level, from access, i.e. requiring a user login. We've had this setup for many years and it has worked well. Everyone in the company can view and edit the Wiki without the restriction, but barring a breach of the Apache access handler, it is protected from others.
On Fri, Jan 31, 2014 at 8:23 PM, John Abreau <[email protected]> wrote: > Have you heard of TWiki? Foswiki is a fork of TWiki. As I understand it, > the forking was in response to a dispute among TWiki developers over > licensing issues. > > > On Fri, Jan 31, 2014 at 6:52 PM, Bill Horne <[email protected]> wrote: > > > On 1/31/2014 5:20 PM, David Kramer wrote: > > > >> > >> On 01/31/2014 01:56 PM, Jeffrey Young wrote: > >> > >>> I want to implement a Media Wiki at work, but my boss is worried about > >>> security risks. To me it seems simple, if it's not exposed to the > world, > >>> what's the problem? Am I missing something? > >>> > >>> Thanks, > >>> Jeff > >>> _______________________________________________ > >>> Discuss mailing list > >>> [email protected] > >>> http://lists.blu.org/mailman/listinfo/discuss > >>> > >> if "it's not exposed to the world" is known to be a true statement, then > >> what is he concerned about? > >> > >> I will say that MediaWiki *is* very hard to lock down if that statement > >> is not known to be true. Most wikis fall into one of two camps: > >> "Information wants to be free and that's what wikis are for so why would > >> you want to lock it down?" and "Today's internet is a scary place and > >> even wikis need access control". There's not much in the middle. > >> > >> I LOVE Foswiki for many reasons, but very high on the list is that it > >> has full user/group authorizations at the system level, the wiki level, > >> and at the page level. > >> > > > > +1 > > > > Mediawiki's documentation specifically warns against trying to implement > > access controls. The software is used at Wikipedia, and so is geared > toward > > an "everybody can write" model, albeit with retroactive oversight. > > > > I'm not familiar with Foswiki, but your point is well taken: the idea of > a > > wiki is that many hands make short work, and trying to limit access is a > > contradiction in terms. > > > > Bill > > > > -- > > Bill Horne > > William Warren Consulting > > http://www.william-warren.com/ > > 339-364-8487 > > > > _______________________________________________ > > Discuss mailing list > > [email protected] > > http://lists.blu.org/mailman/listinfo/discuss > > > > > > -- > John Abreau / Executive Director, Boston Linux & Unix > Email: [email protected] / WWW http://www.abreau.net / PGP-Key-ID > 0x920063C6 > PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23 C2D0 E885 E17C 9200 63C6 > _______________________________________________ > Discuss mailing list > [email protected] > http://lists.blu.org/mailman/listinfo/discuss > _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
