diff options
Diffstat (limited to 'zarb-ml/mageia-dev/20100927/000297.html')
| -rw-r--r-- | zarb-ml/mageia-dev/20100927/000297.html | 188 |
1 files changed, 188 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/20100927/000297.html b/zarb-ml/mageia-dev/20100927/000297.html new file mode 100644 index 000000000..8511c7835 --- /dev/null +++ b/zarb-ml/mageia-dev/20100927/000297.html @@ -0,0 +1,188 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] A comparison of forum software from a security POV + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20A%20comparison%20of%20forum%20software%20from%20a%20security%20POV&In-Reply-To=%3C1285584019.2698.194.camel%40akroma.ephaone.org%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000337.html"> + <LINK REL="Next" HREF="000312.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] A comparison of forum software from a security POV</H1> + <B>Michael Scherer</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20A%20comparison%20of%20forum%20software%20from%20a%20security%20POV&In-Reply-To=%3C1285584019.2698.194.camel%40akroma.ephaone.org%3E" + TITLE="[Mageia-dev] A comparison of forum software from a security POV">misc at zarb.org + </A><BR> + <I>Mon Sep 27 12:40:19 CEST 2010</I> + <P><UL> + <LI>Previous message: <A HREF="000337.html">[Mageia-dev] A comparison of forum software from a security POV +</A></li> + <LI>Next message: <A HREF="000312.html">[Mageia-dev] A comparison of forum software from a security POV +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#297">[ date ]</a> + <a href="thread.html#297">[ thread ]</a> + <a href="subject.html#297">[ subject ]</a> + <a href="author.html#297">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Le lundi 27 septembre 2010 à 10:02 +0200, Romain d'Alverny a écrit : + +><i> What we do need is a forum that matches our needs; actually pretty +</I>><i> basic, but maybe for having good admin features, excellent +</I>><i> hackability, extensability, being well documented, having a nice +</I>><i> community of developers around it. And, provided we're in the free +</I>><i> software thing, we want to be able to share changes as well (would it +</I>><i> be only through our own community) without worrying. +</I>><i> +</I>><i> So, requirement #1: open source license (as in <A HREF="http://opensource.org/">http://opensource.org/</A> ). +</I> +Yup. + +I think we should compile a list of requirements first , and them use +this to select possibilities. + +So let's try : + +good admin features +-> lock down thread +-> move thread between forum +-> accountability of such changes, at least for admin +-> transparency of who manage what + +hackability / extensibility +-> support for extension ? +--> a good ecosystem of extension ? +-> written in a know language +-> well written +--> use existing and well know framework/modules ( ie, not a custom one +of possible ) + +being well documented +-> good user documentation +--> translated documentation +--> clear documentation ( screen shot ? ) +-> community around it +--> well know by people + +free license +-> AGPL would be a plus, but that's just for me :) + +as a sysadmin, i would add : + +-> not full of security holes +--> have a good history + +-> good reactivity of developers +--> proper bug tracker ( ie, not a forum ) +--> good history , seen by looking at BTS + +-> do not have excessive requirements +--> do not use too exotic database system like voldemort or hbase +--> do not requires too exotic language ( erlang, fortran ) +--> do not requires a very specific version of component +--> do not requires too much unpackaged stuff +--> portable across databases ( ie, if someday, mysql is killed, we +could change to a clone or to pgsql ) + + +-> not a ressources hog ( like use a db instead of flat file ) +--> able to manage a lot of users, and lots of post +--> set indexes on the db (a proof that developers thought of it ) +--> scalable ( can it be shard, or clusterised ? ) + +-> do not produce horrible html +--> if possible, produce html compliant pages and css + +-> could work without javascript, even if this requires to disable more +advanced features ( some people disable it for various reasons like +security, etc ). + +-> do not requires flash to work + +With my jabberfr member hat on : + +-> good xmpp integration +--> take care of xmpp link +--> offer jabber in vcard +--> can send message on jabber instead of mail + +/me remove the hat + +as a user : +-> a effective antispam +--> if possible, no captcha, or at least, one that do not weed me out + +-> something that do not mark a thread as read if I simply visit the +forum +-> a link "last posts" for the whole forum +-> a link "last posts" for just a forum +-> having more information when I receive a mail when someone answered. + Ie more like "foo has responded this" more than "someone said + something, click here to see" + +-> efficient search engine +--> do not forbid 3 letters search ( because acronyms are everywhere ) + +-> easy to manage from command line, so we can script various thing +( like removal of inactive account, etc, etc ) + +-> integrated with sso. this one can be quite tricky to realize, as +romain will tell you. + +I assume that others users will have others requirements ( like custom +smiley, rich text edition, ml integration, etc ). I remember of a thread +about using forum like a ticket system. Ie, how could the support be +improved by changing the process and the forum ? + + +I also assume that some requirement are more important than others. Ie, +there is MUST and there is MAY, like in RFC. + +So let's first gather requirements, then we will decide on what is +really important or not. + +-- +Michael Scherer + +</PRE> + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000337.html">[Mageia-dev] A comparison of forum software from a security POV +</A></li> + <LI>Next message: <A HREF="000312.html">[Mageia-dev] A comparison of forum software from a security POV +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#297">[ date ]</a> + <a href="thread.html#297">[ thread ]</a> + <a href="subject.html#297">[ subject ]</a> + <a href="author.html#297">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |