[Koha-devel] RSS method for checking and warning about current installed version
Paul A
paul.a at navalmarinearchive.com
Wed Dec 4 02:35:50 CET 2013
At 08:55 PM 12/3/2013 -0200, Tomas Cohen Arazi wrote:
>My main concern is people having Koha instances that already reached EOL
>and/or are not supported anymore. How to do it is the topic in discussion.
>I like the idea of a button (maybe in the form of a tab in the about page
>;-) and maybe with a disclamer notice and a confirmation button). Having a
>syspref defaulting to "disabled" could work if this is troublesome in
>several jurisdictions.
I'm referring to professionals who know full well what they are doing with
their library systems, we don't need the security implications of any
"preference" having external file editing capability. If amateurs need
reminding, that's another question that should be available during
installation, not afterwards.
Look around the landscape: does perl, or apache, or mysql, or zebra, or
etc, etc... do this?
You say "could work" -- I'm suggesting that security must be bullet proof.
As far as I'm concerned, this avenue should be blackballed for a standard
install/upgrade. It's just the thin end of the wedge towards other intrusions.
Best regards -- Paul
>Regards
>To+
>
>
>On Tue, Dec 3, 2013 at 7:46 PM, Paul A
><<mailto:paul.a at navalmarinearchive.com>paul.a at navalmarinearchive.com> wrote:
>At 07:48 AM 12/4/2013 +1300, Chris Cormack wrote:
>>On 4/12/2013 6:38 am, "Tomas Cohen Arazi"
>><<mailto:tomascohen at gmail.com>tomascohen at gmail.com> wrote:
>> >
>> > What would you think of adding some way for the
>> <http://about.pl>about.pl page to load information on newer versions
>> available, or even if the currently used branch has reached EOL?
>> >
>>I like this idea, assuming it is an opt in option. (and easily switched
>>off again too)
>>Chris
>
>Tomás, please tell me that this does NOT involve instances of Koha
>attempting, unsupervised, to contact an external website.
>
>Thanks and best regards,
>Paul
>
>_______________________________________________
>Koha-devel mailing list
><mailto:Koha-devel at lists.koha-community.org>Koha-devel at lists.koha-community.org
>http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
>website : <http://www.koha-community.org/>http://www.koha-community.org/
>git : <http://git.koha-community.org/>http://git.koha-community.org/
>bugs : <http://bugs.koha-community.org/>http://bugs.koha-community.org/
>
>
>
>
>--
>Tomás Cohen Arazi
>ProsecretarÃa de Informática
>Universidad Nacional de Córdoba
>✆ +54 351 4333190 ext 13168
>GPG:Â B76C 6E7C 2D80 551A C765 Â E225 0A27 2EA1 B2F3 C15F
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20131203/5781035b/attachment.html>
More information about the Koha-devel
mailing list