Timwi wrote:
David Gerard wrote:
Hm, this guy talks about what you should or shouldn't do, but has he actually found an actual vulnerability in Wikipedia or MediaWiki?
No. If he did, there's no doubt he'd blurt it out on his blog before he finished his coffee. But I doubt he has the competence to find such a thing.
He just found some script files that I deliberately made public. Originally they were only available there, but eventually I committed them to svn as well. Next he'll be reporting that he can edit the wiki.
-- Tim Starling