[wplug-internet] WPLUG's information assets (membership rolls -

Vance Kochenderfer vkochend at nyx.net
Mon Jan 10 01:10:33 EST 2011


David Kraus wrote:
> 
> Vance,
> 
> You have obviously put significant effort into the development of
> your MediaWiki extension, and I applaud you for that.  However, I did
> a little research into stable MediaWiki extensions, specifically any
> related to controlling access to a page or pages based on user
> account.  The PublicCat,
> http://www.mediawiki.org/wiki/Extension:PublicCat, extension caught my
> interest for this purpose.  What concerns me is the disclaimer stating
> that MediaWiki in general is not designed for per page access
> restriction and could "easily" be compromised.
> 
> I propose a different approach to this effort.
> 
> Select an open source membership database application such as:
> http://sourceforge.net/projects/clubdata/
> http://sourceforge.net/projects/klub/
> http://sourceforge.net/projects/zebraz/
> 
> Run the selected membership application along side MediaWiki at
> www.wplug.org.  Provide authentication to both applications using
> OpenID, http://openid.net/.
> 
> Comments?

You are entirely correct that MediaWiki is not designed to
restrict viewing pages to specific users or sets of users.
I ran into similar warnings when researching/working on this.
However, I do not think the specific concerns identified in
<http://www.mediawiki.org/wiki/Security_issues_with_authorization_extensions>
apply to this extension.

The reason is that member information is not part of a "normal"
wiki page, so the attacks described don't apply.  The extension
relies on the following functions/attributes for authentication:
  $wgUser->getID()
  $wgUser->mName
  $wgUser->mGroups
<http://svn.wikimedia.org/doc/classUser.html>

I have not run into any descriptions of exploits that allow one to
spoof/modify these.  Of course, that doesn't mean they don't
exist.

Your suggestion to use a separate membership interface with a
common form of authentication for it and the wiki (LDAP, OpenID,
or whatever) is certainly a viable approach.  The only difficulty,
in my view, is the work to migrate existing wiki user accounts to
the new authentication system.  It would eliminate any MediaWiki-
specific attacks, while being vulnerable to any attacks on the
authentication method or interface software.  At least for the
authentication software, these are likely to be few in number.

Of the three projects you listed, only clubdata appears to be
under current development.  It has a pretty impressive feature
list <http://clubdata2.domes-muc.de/>.  Perhaps I missed it, but
I didn't see that it had an option to use a separate back-end
authentication system.  Perhaps this feature could be added on.

Thanks for the input!

Vance Kochenderfer        |  "Get me out of these ropes and into a
vkochend at nyx.net          |   good belt of Scotch"    -Nick Danger
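As an added illustration of the approach Vance describes (this is not the WPLUG extension's code, nor anything posted in this thread), the sketch below keeps member data out of ordinary wiki pages entirely and gates a special page on the user's identity and group-derived rights, the same $wgUser data the reply lists. It is written against the 1.16-era MediaWiki API that was current when this was posted ($wgUser and $wgOut globals, wfGetDB, OutputPage::permissionRequired); the table wplug_members and its columns, the group 'member' and the right 'viewmemberroll' are assumed names, not anything the page specifies.

```php
<?php
/**
 * SpecialMemberRoll.php -- added example, not the extension under discussion.
 *
 * Member data lives in an extension table (assumed name: wplug_members),
 * never in the page table, so the transclusion / Special:Export / search /
 * page-history leaks described for page-level authorization extensions
 * have nothing to act on.  Access is decided from $wgUser alone.
 */

// --- setup (would normally sit in the extension's setup file) -------------
$wgAvailableRights[] = 'viewmemberroll';            // assumed right name
$wgGroupPermissions['*']['viewmemberroll']      = false;
$wgGroupPermissions['user']['viewmemberroll']   = false;
$wgGroupPermissions['member']['viewmemberroll'] = true;  // assumed group name
$wgSpecialPages['MemberRoll'] = 'SpecialMemberRoll';
// Trust boundary: whoever can edit group membership (Special:UserRights)
// controls who is in 'member'.  That is the sysop role, not a page ACL.

class SpecialMemberRoll extends SpecialPage {
    function __construct() {
        parent::__construct( 'MemberRoll' );
    }

    /**
     * Decide from the User object only.  Anonymous users have ID 0 and no
     * groups, so they fail both tests.  isAllowed() resolves the right from
     * the user's effective groups (the mGroups data the thread refers to)
     * through $wgGroupPermissions.
     */
    public static function canView( User $user ) {
        return $user->getId() !== 0 && $user->isAllowed( 'viewmemberroll' );
    }

    function execute( $par ) {
        global $wgOut, $wgUser;
        $this->setHeaders();

        if ( !self::canView( $wgUser ) ) {
            // Refuse before touching the data; nothing is rendered.
            $wgOut->permissionRequired( 'viewmemberroll' );
            return;
        }

        $dbr = wfGetDB( DB_SLAVE );
        $res = $dbr->select(
            'wplug_members',                                   // assumed table
            array( 'wm_name', 'wm_email', 'wm_paid_through' ), // assumed columns
            '',
            __METHOD__,
            array( 'ORDER BY' => 'wm_name' )
        );

        $html = '<table class="wikitable">'
              . '<tr><th>Name</th><th>E-mail</th><th>Paid through</th></tr>';
        while ( $row = $dbr->fetchObject( $res ) ) {
            // Escape every field: a member-supplied name must not become
            // markup in another member's browser.
            $html .= '<tr><td>' . htmlspecialchars( $row->wm_name )
                   . '</td><td>' . htmlspecialchars( $row->wm_email )
                   . '</td><td>' . htmlspecialchars( $row->wm_paid_through )
                   . '</td></tr>';
        }
        $html .= '</table>';
        $wgOut->addHTML( $html );
    }
}
```

The check is deliberately a positive one (must be logged in and must hold the right) rather than a hook that hides certain titles; the hook-based page-hiding pattern is what the "Security issues with authorization extensions" page warns about, because the same page text remains reachable through other code paths. What this does not defend against is anything that can forge the session or the User object itself, which is the residual risk the reply acknowledges.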

