On Friday, September 26, the system hackers team discovered a misconfiguration in the wiki setup. The error, if discovered, would have enabled an unauthorised party to read protected pages and user configurations.

It was possible to read the encrypted password hashes of guest users. Registered Fellows, who log in using their Fellowship password were not affected by this. To all others we recommend changing their wiki password as a precaution.

Fellowship Hacks » Projects » Jabber

Jabber

Goal

Support the new Fellowship jabber server.

Coordinator

People

Volunteers are always welcome! Have a look at FellowshipHacks to know how you can help

Status

The new jabber server based on ejabberd is operational. We can think about improvements and integration with other services.

Tasks

This is an overview of the tasks to do for the completion of the project.

TODO:

DONE:

  • Test LDAP integration on current jabber 1.4.x server (negative result)
  • Finalize the choice between jabber server solutions

    • gollo: ejabberd looks most promising for me, because it
      • meets almost all requirements
      • seems to be quite uncomplicated to set up
      • the documentation looks good to me
  • Set up a test install and test LDAP auth and possible new features
  • Allow connections for user behind firewalls * Migrate the old installation

You can create a page for a new task using the button below. Just enter the name for the page and it will be automatically created as a subpage of this project page.

Systems involved

  • Target systems: chromium


CategoryFellowshipHacksProjects