On 11/13/06, Erik Moeller <erik(a)wikimedia.org>
wrote:
If security is a major issue, might it be
feasible to maintain a
whitelist of certificates (to allow applets from trusted authority to
be uploaded directly), and to flag all other applets as
"non-embeddable" until a sysop flips a switch, so they can be reviewed
for security? We could add a big fat warning on the file description
page.
It makes more sense to me to use the system we use for JavaScript,
i.e., only sysops can add it to begin with. Allowing applets from
trusted authorities is an interesting idea, but what does "trusted"
mean? Trusted to not take up too many CPU cycles, to avoid playing
sound unless the user permits it explicitly, to not include material
that would be vulgar and thus attractive to vandals?
I definitely don't think anything whatsoever should be available to
non-sysops at all unless uploaded by a sysop, no matter how large the
warning message. People are *way* too used to ignoring warning
messages.
Here's a related idea: if we can't get "confirmed email required before
uploads enabled" for Commons, could we get uploads disabled for
non-sysops? Surely images in general are similarly "dangerous" (if not
for system & vandalism reasons, for copyright reasons)?
(Cross-posting to Commons-l)
--
Alphax -
Contributor to Wikipedia, the Free Encyclopedia
"We make the internet not suck" - Jimbo Wales
Public key: