I agree that this action was uncalled for. At best it was not his responsibility to take action, and we will consider the appropriate repsonse. Thank you for re-enabling news_admin, etc.
However, the announcement in question must also be considered. Since it does appear to be a violation of our decision made 12-18-2007, it has been disabled pending admin discussion. Please do not post any additional news items regarding tine until it has been cleared by at least one admin. The request should be done via email to [EMAIL PROTECTED] to ensure that we have each been notified. I don't see how else to handle this without allowing anarchy to persist. Cornelius Weiss wrote: > Hi devs, > > yesterday at 17:40 CET the egroupware.org website got hijacked by a > user named "Lutz Falkenburg". > > He managed to disable the newssection and some html blocks on the > frontpage and on the news page. > > The attack came from a valid egroupware.org account. This user had the > technical grants to do so, due to his membership of the groups > 'editors' and 'manaual'. He got this memberships about two years ago, > cause he offert do translate website and manaual into german language. > > However afaik this user never translated stuff, and kept inactive > about two years, till yesterday. > As i was the one, granting this privileges, I applogize for missing to > remove the grants after it became clear that this user is mainly a jerk. > > In my function as being teamleader of the webmasters team, i > deactivated the account and restored our website. > > The same user also tried to rampage in the tine forum. We noticed > attacs from different IP's which lastely seem to come from the TOR > network. > > As a result i would like to implement a feature which prevents editing > egroupware.org website from TOR network or other known hijacked IP's. > If somone knows a PHP library for this task, please let me know. > > The atacker is a known jerk from the german users list, famous for > verbally attacking developers, admins and supporters of the project. > In the last days he uses the absence of ralf and labes himself as > 'official project member'. Unfortunally I cant remove him from the > lists, as i don't have the lists password. Ralf gave i to me before > his vacation last year but i can't find it in my records. > > In the next days i'll have a look at the access grants for the > egroupware.org website an remove not longer active translaters and > editor accounts. > > cu > conny > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2008. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > eGroupWare-core mailing list > eGroupWare-core@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/egroupware-core > -- Miles Lott http://bandmix.com/milosch/ ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ eGroupWare-core mailing list eGroupWare-core@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/egroupware-core