On Wed, Oct 14, 2009 at 8:28 PM, Tim Starling <tstarling(a)wikimedia.org> wrote:
<snip>
Wikimedia has finally stopped checking out the entire extensions
directory and exposing it to the web, but there might be other sites
out there still doing the same insecure practice. It may make sense to
split off an "extensions-contrib" directory where unreviewed
extensions can be put, with less chance of jeopardising the security
of servers.
<snip>
A similar approach, with slightly different nomenclature, would be to
create an "extensions-approved" directory restricted to core
contributors for the 60-odd extensions used by Wikimedia.
http://www.mediawiki.org/wiki/Category:Extensions_used_on_Wikimedia
Obviously any extension used on the live site has essentially the same
security implications as the core code. As there are already a few
hundred extensions in SVN, I think it is fair to regard many existing
extensions in SVN as contribs that have never been studied in detail.
-Robert Rohde