Notice on Wiki Security

From DOE SciDAC VACET Center Wiki
Jump to: navigation, search

Wikis in general were designed as public forums without access restriction in mind. This wiki has been modified and extended to achieve some amount of access control, however there are inherent limitations to the level of security a wiki can provide. It is important to keep this in mind when using this wiki. Please follow these guidelines when using this wiki:

  • Do not use the same password on any wiki that is also used for other more sensitive environments. If the password from a wiki were sniffed out or hacked, those other systems could also be compromised. If you need to change your password, you can do it yourself by going to Special Pages -> Preferences.
  • Do not place highly sensitive information, personal information, or upload sensitive files onto the wiki. This wiki has been modified to allow restriction of some pages to authorized users, however, there are known weaknesses so it should be seen as a "nothing to see here, move along", rather than a guarantee of secrecy.
  • A special "Collab:" namespace has been created for "collaborators only" pages. This means that any pages named beginning with "Collab:" will require the user be a member of the "collab" user group in order to view or edit it. Please contact the webmaster (webmaster[at]sci.utah.edu) if you need to be made a member of this group.
  • Bear in mind that uploaded files could be accessed by anyone visiting the wiki. This wiki has been modified to hide the Special pages that list the uploaded files from non-logged-in users, however, the files themselves are not directly restricted from view and in theory could be seen by any visitor even if the file is not linked on a public page.
  • This wiki has been modified so that users cannot create their own accounts and a login is required to edit pages. Users must request an account from the webmaster. This is meant to prevent bots from automatically creating accounts and posting wiki spam, however it does not prevent malicious people from requesting and receiving accounts. We hope that will not be a problem, however, please keep an eye out for malicious postings and report them to webmaster[at]sci.utah.edu.

Thank you, and happy wikiing!

Erik Jorgensen
SCI Webmaster