[SAC] more spammer accounts
Sandro Santilli
strk at keybit.net
Fri May 6 13:26:45 PDT 2016
On Fri, May 06, 2016 at 09:25:21PM +0200, Martin Spott wrote:
> On Fri, May 06, 2016 at 09:10:23PM +0200, Markus Neteler wrote:
>
> > How about writing the account names into a text file on a server and read
> > from there via Cron job? Then remove the processed text file?
>
> Automagically writing into a file sounds good to me.
At the moment, all trac spammer accounts are being stored
in /osgeo/tools/trac/emergency_clean.sql and can be extracted
with this command:
grep '^(' /osgeo/tools/trac/emergency_clean.sql |
sed -e "s/^('\(.*\)').*/\1/"
> Unattended manipulation of our LDAP directory .... mmmh, that's pretty
> sensitive, something I'd prefer to avoid.
How about only allowing a very specific manipulation ?
A script could extract that list, remove any name from
a known list (SAC members) and set the accounts disabled
in a lossless way (in a way that's easy to re-enable withouth
having to change the password).
--strk;
More information about the Sac
mailing list