Chris Steipp <> changed:

           What    |Removed                     |Added
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #6 from Chris Steipp <> ---
(In reply to MZMcBride from comment #5)
> (In reply to Chris Steipp from comment #3)
> > With the caveats that Kunal put on the extension's page (account compromise
> > if you're not correctly using CentralAuth or shared user tables), the
> > security looks ok.
> > 
> > The site global scripts allow admins on the central site to fully control
> > the wikis using wgUseGlobalSiteCssJs, including elevating their own
> > privileges, so obviously should be used with extreme caution.
> Is this bug resolved/fixed then?


You are receiving this mail because:
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to