abusive user of GDB Wiki for spam ...

abusive user of GDB Wiki for spam ...

[Joel Brobecker]

Hello,

The GDB Wiki is being spammed by user Leiann Zvacek. He's created
a fake page "rutud" which I deleted, and now attaches zillions or
small files to it. I looked at one and it's a HTML file advertisement.
Here is one of the notifications I received:

> You have subscribed to a wiki page "rutud" for change notification.
> An attachment has been added to that page by Leiann Zvacek. Following
> detailed information is available:
> 
> Attachment name: 4c
> Attachment size: 19513
> Attachment link: http://sourceware.org/gdb/wiki/rutud?action=AttachFile&do=get&target=4c
> Page link: http://sourceware.org/gdb/wiki/rutud

I propose we deactive his Wiki account ASAP. I would do it, but I don't
know how to do this (yet), and I don't think I have priviledges either.

Can someone have a look at that, please?

Thank you,
-- 
Joel

Re: abusive user of GDB Wiki for spam ...

[Frank Ch. Eigler]

Hi -

> The GDB Wiki is being spammed by user Leiann Zvacek. He's created
> a fake page "rutud" which I deleted [...]

This has been happening to some other local wikis too.  I zapped the
attachments, but it's not obvious to me how to curteil future abuses.

- FChE

Re: abusive user of GDB Wiki for spam ...

[Joel Brobecker]

> The GDB Wiki is being spammed by user Leiann Zvacek. He's created
> a fake page "rutud" which I deleted, and now attaches zillions or
> small files to it. I looked at one and it's a HTML file advertisement.
> Here is one of the notifications I received:

We're being spammed again - different user name, but exactly the same
filenames.  I didn't bother looking at them.  The page he attached
these is still the same (rutud), which is still marked as deleted.

I think it's much easier to delete these files using a shell, than
using the Wiki interface.

Also, there seems to be a procedure to disable user accounts (using
the "moin" command).

I'd like to be able to do both, but that requires extra priviledges.
Right now, my only access to sourceware.org is through gdbadmin.

-- 
Joel

Re: abusive user of GDB Wiki for spam ...

[Joel Brobecker]

> We're being spammed again - different user name, but exactly the same
> filenames.  I didn't bother looking at them.  The page he attached
> these is still the same (rutud), which is still marked as deleted.

This happened again today: We are now hosting another 70 files
of spam :-(. It's now clear that this is not a one-off, and I think
we should do something.

The first thing I would do is delete these files (added to page
"rutud").  This requires special priviledges.

The second thing is probably start a discussion with the other
GDB maintainers as to decide what to do to prevent this sort of
abuse.

I'm willing to help, because it bothers me that someone is using
a flaw on our system to force us to host his spam.  But if no one else
cares, then that's fine, I'll just filter the emails I receive when
this happens.

-- 
Joel

Re: abusive user of GDB Wiki for spam ...

[Frank Ch. Eigler]

[-- Attachment #1: Type: text/plain, Size: 944 bytes --]

Hi -

On Thu, Dec 16, 2010 at 04:05:23PM +0400, Joel Brobecker wrote:
> [...]
> The first thing I would do is delete these files (added to page
> "rutud").  This requires special priviledges.

I zapped the files by low level fs ops.  Your wiki userid is now an
'admin' and should have despam privileges, if that's quite enough.

> The second thing is probably start a discussion with the other
> GDB maintainers as to decide what to do to prevent this sort of
> abuse. [...]

The easiest option is to disable wiki attachments by default, by
adding 

     actions_excluded = [u'AttachFile']

into the /wiki/PROJECT.py file.  Whether that can be enabled again on
a per-user basis, or whether an admin would have to hand-edit the file
again to turn on attachments briefly, I dunno.  Unfortunately, I have
so far found no better option with moinmoin.  Switching to another
wiki software (mediawiki?) is an option.

- FChE

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: abusive user of GDB Wiki for spam ...

[Daniel Berlin]

On Thu, Dec 16, 2010 at 5:11 PM, Frank Ch. Eigler <fche@redhat.com> wrote:
>
> Hi -
>
> On Thu, Dec 16, 2010 at 04:05:23PM +0400, Joel Brobecker wrote:
> > [...]
> > The first thing I would do is delete these files (added to page
> > "rutud").  This requires special priviledges.
>
> I zapped the files by low level fs ops.  Your wiki userid is now an
> 'admin' and should have despam privileges, if that's quite enough.
>
> > The second thing is probably start a discussion with the other
> > GDB maintainers as to decide what to do to prevent this sort of
> > abuse. [...]
>
> The easiest option is to disable wiki attachments by default, by
> adding
>
>     actions_excluded = [u'AttachFile']
>
> into the /wiki/PROJECT.py file.  Whether that can be enabled again on
> a per-user basis, or whether an admin would have to hand-edit the file
> again to turn on attachments briefly, I dunno.  Unfortunately, I have
> so far found no better option with moinmoin.  Switching to another
> wiki software (mediawiki?) is an option.

At the point we switched from phpwiki, mediawiki was fairly difficult to setup.
If it's not so hard anymore, i'm pretty positive mediawiki has a
moinmoin importer, and supports recaptcha
>
> - FChE

Re: abusive user of GDB Wiki for spam ...

[Joel Brobecker]

> On Thu, Dec 16, 2010 at 04:05:23PM +0400, Joel Brobecker wrote:
> > [...]
> > The first thing I would do is delete these files (added to page
> > "rutud").  This requires special priviledges.
> 
> I zapped the files by low level fs ops.  Your wiki userid is now an
> 'admin' and should have despam privileges, if that's quite enough.

Thanks! The guy installed another batch of files, and I just found
that if I google "rutud", his ads are #2 and #3 on the result :-(.

> > The second thing is probably start a discussion with the other
> > GDB maintainers as to decide what to do to prevent this sort of
> > abuse. [...]
> 
> The easiest option is to disable wiki attachments by default, by
> adding 
> 
>      actions_excluded = [u'AttachFile']

I don't think that attachments are a very common operation on the GDB
wiki. Even if we ended up deciding not to use that solution, that could
be an acceptable compromise, I think, while the maintainers discuss
what they want to do...

Would you mind making that change for us?

Thanks a lot for your help,
-- 
Joel

Re: abusive user of GDB Wiki for spam ...

[Frank Ch. Eigler]

[-- Attachment #1: Type: text/plain, Size: 334 bytes --]

Hi -

On Fri, Dec 17, 2010 at 08:05:37AM +0400, Joel Brobecker wrote:
> [...]
> > The easiest option is to disable wiki attachments by default, by
> > adding 
> > 
> >      actions_excluded = [u'AttachFile']
> [...]
> Would you mind making that change for us?

I made this change for both gdb and cluster wikis.

- FChE

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: abusive user of GDB Wiki for spam ...

[Joel Brobecker]

> > > The easiest option is to disable wiki attachments by default, by
> > > adding 
> > > 
> > >      actions_excluded = [u'AttachFile']
> > [...]
> > Would you mind making that change for us?
> 
> I made this change for both gdb and cluster wikis.

Excellent news, thanks a lot!

-- 
Joel