Brion Vibber wrote:
> Simetrical wrote:
>> Well, first of all, I think our security team consists of Brion,
>> although maybe some other people receive the security(a)wikimedia.org
>> mailings as well. Since he's also the lead developer, it's not so
>> much a question of recommendations as mandates, which he usually
>> implements personally (either fixing it himself, or reverting whatever
>> broke it).
>>
>> Nick Jenkins has done some fuzz-testing on MediaWiki in the past. As
>> far as I'm aware, that's about the end of specific security testing
>> that's done on MediaWiki, at least by the developers. The rest is
>> covered by general code review: checking new code to make sure
>> everything is escaped properly, and looking over old code as it's
>> being maintained.
Hi Brion,
thanks for your input!
> Indeed, there's not a lot of organized testing, though the fuzz testing
> tools get pulled out from time to time to look for HTML injection bugs
> and other such surprises.
Sounds good that you found some suitable tools to fuzz with. Are you
able to name those tools?
etc
> It's not always perfect, and there's going to be lazy code here and
> there, but working within a safe framework at input/output points is
> always a big help in combating many of the traditional web app
> vulnerabilities.
>
> When it comes to ensuring that private data in the wiki stays private,
> there's perhaps less of an automatic guarantee, as you have to decide
> what is or isn't private and ensure that the visibility is properly
> restricted.
Is there any multi-tier patch revision? The folks at Apache Tomcat do a
three-person-review of patches before they get committed.
Thanks
--
<NO> OOXML - Say NO To Microsoft Office broken standard
http://www.noooxml.org