Confirmed users, Bureaucrats and Sysops emeriti
1,531
edits
Plugins:PluginDirectory:2010-03-26: Difference between revisions
Jump to navigation
Jump to search
Plugins:PluginDirectory:2010-03-26 (view source)
Revision as of 04:44, 26 March 2010
, 26 March 2010→Web Dev
ChrisHofmann (talk | contribs) |
ChrisHofmann (talk | contribs) |
||
| Line 18: | Line 18: | ||
** How long will it take? | ** How long will it take? | ||
*** Les: Not sure, pending a close look at the bugs so far. | *** Les: Not sure, pending a close look at the bugs so far. | ||
* Passwords | * Passwords | ||
** Already changed admin and editor passwords. | ** Already changed admin and editor passwords. | ||
| Line 37: | Line 36: | ||
*** Les: Probably me. | *** Les: Probably me. | ||
*** Austin: If plugindir is compromised, then the webheads should be taken offline. The plugin check page will show an error (already built). We will have to take it offline to do intrusion detection analysis. This is my guess, probably need input from security before we build this, but maybe there is nothing to build? | *** Austin: If plugindir is compromised, then the webheads should be taken offline. The plugin check page will show an error (already built). We will have to take it offline to do intrusion detection analysis. This is my guess, probably need input from security before we build this, but maybe there is nothing to build? | ||
* Notification system | |||
** Who should be notified when changes happen? | ** Who should be notified when changes happen? | ||
*** Les: A list would be nice; that, and/or I could look at building an admin tool and per-user preferences to manage who gets notifications | *** Les: A list would be nice; that, and/or I could look at building an admin tool and per-user preferences to manage who gets notifications | ||
| Line 42: | Line 42: | ||
** Who should be on the hook to confirm changes? | ** Who should be on the hook to confirm changes? | ||
*** Les: Hopefully not me; would be nice to have someone security-minded and plugin-informed to keep on top of it. I can help build the tools, but would rather not also be the manager of the data. | *** Les: Hopefully not me; would be nice to have someone security-minded and plugin-informed to keep on top of it. I can help build the tools, but would rather not also be the manager of the data. | ||
*** chofmann: there have been ideas circulating to hire a plugin partner manager. this person would work with plugin partners on crash data we have related to plugins, keeping the plugin check data up to date, and proactively making sure plugins use the right api's and best practices for compatibility. we have a ton of potencial partners in this area. | |||
*** maybe some model like we have for addons. trusted group of amo-admins/editors reviews addons before they are released from the sandbox | *** maybe some model like we have for addons. trusted group of amo-admins/editors reviews addons before they are released from the sandbox | ||
** Who builds this into the directory? | ** Who builds this into the directory? | ||