Join the twiki-announce list to get alerts!
To get immediate alerts
of high priority security issues, please join the low-volume
list - details at TWikiAnnounceMailingList
How to tell the TWiki security team about potential issues
To notify the TWiki SecurityTeam
about a potential security issue, just send an email to the TWikiSecurityMailingList
- no need to subscribe.
covers how the team will respond to your issue and publish a fix for confirmed issues.
TWiki Security Alerts
Please check the TWikiSecurityAlerts
- list of all security alerts, sorted by TWiki releases. The alerts are compiled automatically from the KnownIssuesOfTWiki
Security Related Topics
is not a security issue, but it can reduce the usefulness of public TWiki sites - install BlackListPlugin
to counter this.
External Security Resources
- PasswordSecurityDiscussions - a largely philosophical discussion on the relative merits of using passwords as a security device.
- SecureSetup - some good ideas on how to 'sandbox' TWiki a bit more.
- WikiSecurityPhilosophy - musings on the principles behind "classic" wiki security and the path twiki has taken -- sometimes in concert, sometimes apart. Largely historical and in need of refactoring.