[unisog] Wiki Security

Tom Perrine tperrine at scea.com
Tue Sep 5 16:38:36 GMT 2006


Edgecombe, Jason wrote:
> I would say that since Wikipedia and it's sister projects are among the
> most popular web sites, I would infer that it's probably the most
> battle-hardened wiki.

Yes, in terms of hardening against escaping from the wiki software, or
exploiting it to get a foothold on the server. But...

> The only downside is lack of fine-grained access controls which seems to
> be common among wiki software because it's contrary to the wiki
> philosophy.

Yes, I noticed this as well over the past year.  For internal use, and
where we can control what may be posted through some other means, I'm
using MediaWiki.

Lately I've been hearing good things about Confluence, specifically that
it has a more corporate flavor, with internal (finer-grained) access
controls.  However, it isn't open source.

> 
> I've also been looking into drupal lately.

LOPSA selected drupal for its public web site (LOPSA.ORG).  Since this
is a professional association for sysadmins, you can be sure that
security was a consideration.

(Disclaimer:  I'm a member, and the president...)

Tom Perrine






More information about the unisog mailing list