Hi all,
#wikimedia-toolserver IRC logs are now available online at <http:// tools.wikimedia.de/~tim/cgi-bin/irc_log>. These logs are constantly updated by TDSBot, so hopefully these logs will provide a way to play catch up to information missed. It should now also be possible to grep through the logs for a question you may have, to see if it's already been answered (grep hemlock? :-))
To address privacy concerns, you must complete a quick verification process to ensure that you are indeed who you say you are. From there on in, you just have to click on the log in link and log in. All passwords are stored in a MySQL table using sha-1 and a salt.
Thanks,
Tim Abdulla
On 20/08/06, TDS tds@cloudstormtech.com wrote:
To address privacy concerns, you must complete a quick verification process to ensure that you are indeed who you say you are. From there on in, you just have to click on the log in link and log in. All passwords are stored in a MySQL table using sha-1 and a salt.
Some elaboration on this would be nice.
Rob Church
On 20-Aug-06, at 2:23 PM, Rob Church wrote:
On 20/08/06, TDS tds@cloudstormtech.com wrote:
To address privacy concerns, you must complete a quick verification process to ensure that you are indeed who you say you are. From there on in, you just have to click on the log in link and log in. All passwords are stored in a MySQL table using sha-1 and a salt.
Some elaboration on this would be nice.
Rob Church
The process goes as such: 1) you provide a username to the script 2) the script checks to see if the username is valid 3) the script generates the name of a temporary file and asks you to create it in your home directory; to prevent fraud, the name of the file is hashed with a salt so that at the the next step the script can ensure that the name of the file was generated by the script (so a user can't say /public_html/index, etc.) 4) the script checks to see if the file exists; if it does, the script allows you to create a password but you cannot choose a username. again, the username is hashed and the same process is run as above. 5) after registering, passwords are stored as sha-1 hashes with a random salt which is only stored in the salt file
Thanks,
Tim Abdulla
Hi all,
All existing registrations have been rendered useless due to a change in authentication (which obviously means you must re-register). Your passwords are now protected by MD5, and use the Apache authentication system. As such, http://tools.wikimedia.de/~tim/cgi-bin/irc_log will now act as a registration point in order to gain access to http://tools.wikimedia.de/~tim/logs
Thanks,
Tim Abdulla
toolserver-l@lists.wikimedia.org