This site best when viewed with a modern standards-compliant browser. We recommend Firefox Get Firefox!.

Linux-HA project logo
Providing Open Source High-Availability Software for Linux and other OSes since 1999.

USA Flag UK Flag

Japanese Flag

Homepage

About Us

Contact Us

Legal Info

How To Contribute

Security Issues

This web page is no longer maintained. Information presented here exists only to avoid breaking historical links.
The Project stays maintained, and lives on: see the Linux-HA Reference Documentation.
To get rid of this notice, you may want to browse the old wiki instead.

1 February 2010 Hearbeat 3.0.2 released see the Release Notes

18 January 2009 Pacemaker 1.0.7 released see the Release Notes

16 November 2009 LINBIT new Heartbeat Steward see the Announcement

Last site update:
2017-12-11 23:01:27

SecurityPolicy is a config option that allows wiki admins to dynamically enable or disable certain key actions in a MoinMoin wiki, most notably editing and deleting content.

Mechanics

Security restrictions in a MoinMoin wiki work by the interface defined in the MoinMoin.security module. The Permissions class implements the basic interface for user permissions and system policy. If you want to define your own policy, inherit from that base class, so that when new permissions are defined, you get the defaults.

Then assign your new class to SecurityPolicy in moin_config; and I mean the class, not an instance of it!

Samples

Disable editing over HTTPS

This is used at WEB.DE AG to make the main intra-net wiki available in read-only form via HTTPS. It's an extra security measure, in addition to password protection, against content changes from the outside. The same scheme can be used to have two different URLs pointing at the same wiki, and have only one of those URLs1 being able to edit the wiki. The net effect is that you have a read-only wiki editable only by certain people.

Add this to your moin_config.py:

# permissions
import MoinMoin.security
 
class SecurityPolicy(MoinMoin.security.Permissions):
    def __init__(self, user):
        MoinMoin.security.Permissions.__init__(self, user)
 
        # no edits via https
        from MoinMoin import webapi
        self.edit = not webapi.isSSL()
        self.delete = self.edit
  • 1 An URL that is password-protected, by means of Apache server rules.