On 22/03/12 22:25, Ryan Lane wrote: > On Thu, Mar 22, 2012 at 2:14 PM, K. Peachey <[email protected]> wrote: >> On Fri, Mar 23, 2012 at 6:42 AM, Platonides <[email protected]> wrote: >>> If you browse the internet from that computer when the wiki is >>> accesible, it could be compromised. >> >> No it's not.... Unless you are bindly making your local web server >> fowarded to the outside network. > > It doesn't matter if your web server is accessibly from the outside > network or not. If you are logged into your local wiki, and someone > knows of its existence, they could attack you from another server > outside of your network. > > - Ryan
Exactly. You would need something like Mozilla bug 354493 fixed to be safe. <https://bugzilla.mozilla.org/show_bug.cgi?id=354493> Or a webapp not vulnerable to CSRF, which is why we're sending out that fix. :) _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
