Hi dear tech folks,
The MediaWiki 1.18 release notes stated the following:
“(bug 24230 [1]) Uploads of ZIP types, such as MS Office or OpenOffice can now be safely enabled. A ZIP file reader was added which can scan a ZIP file for potentially dangerous Java applets. This allows applets to be blocked specifically, rather than all ZIP files being blocked.”
On the Wikimedia Commons village pump [2], concerns were still raised about security (some referred to macros specifically).
Brion stated in 2008 that the ZIP issue was the only problem we had with OpenDocument upload [3], and TheDJ confirmed so in said thread; but let’s make it super-extra clear as for the technical side:
* Is it completely safe to enable upload of OpenDocument files on Wikimedia Commons? * If not, would you advise us to restrict this type of uploads to trusted users? [4]
With this confirmation, we can quietly discuss on Commons whether we want this or not :-)
Thanks for your help!
[1] https://bugzilla.wikimedia.org/show_bug.cgi?id=24230 [2] < https://commons.wikimedia.org/wiki/Commons:Village_pump/Archive/2012/03#Enab...
[3] < http://lists.wikimedia.org/pipermail/wikitech-l/2008-November/040246.html%3E [4] in the spirit of < https://commons.wikimedia.org/wiki/Commons:Restricted_uploads%3E