On Tue, May 5, 2009 at 1:51 AM, Dmitriy Sintsov questpc@rambler.ru wrote:
In #mediawiki IRC channel I've been told that tgz upload is insecure and poses a risk.
Allowing tgz uploads would allow the upload of arbitrary file formats. We do not want to do this. For one thing, it's insecure: users might think it's safe to install a binary executable just because it's from mediawiki.org, but downloads aren't actually vetted. Noticeably third-party downloads hopefully will be treated with some more caution.
For another thing, allowing archive formats permits the upload of content we don't want to permit on ideological grounds, or that cannot be distributed under the GFDL. For instance, binaries without accompanying source code; or DRM-encumbered data formats; or formats that are otherwise not open because, for instance, they aren't specified fully enough to permit full open-source implementations (e.g., .doc). The first two cases not only are at least arguably contrary to Wikimedia's mission -- see http://meta.wikimedia.org/wiki/File_format_policy, although that never passed AFAIK -- but are probably not legal as long as we're only allowed to distribute under the GFDL.
MediaWiki extensions can just have their source code pasted into their extension pages. This is marginally less convenient, but not by much. I don't think Wikimedia is going to allow arbitrary file formats to be uploaded anytime soon (and that's basically what .tgz would permit).