twiki on FC4, anyone?
Kenneth Porter
shiva at sewingwitch.com
Tue Jul 26 04:13:39 UTC 2005
--On Saturday, July 23, 2005 10:52 AM -0400 "Robert P. J. Day"
<rpjday at mindspring.com> wrote:
> i'd already found that page, i was just wondering if there was
> anything specific to FC (or FC4) that would cause problems. thanks.
I did a test install back around October-November 2004 on FC2, right around
the time a nasty security bug was discovered and a lot of TWiki's got
defaced. I took mine offline waiting for a more mature security audit and
my project kinda died. TWiki uses a lot of custom Perl and didn't use taint
mode at that time, which would have caught the issue. (Form input was going
straight into a backtick operator.) So do take a close look at its current
security state. (And that of any other package you consider.)
More information about the fedora-list
mailing list