Trac Spam

The folks at Enthought (sponsors of SciPy) were kind enough to set up a Trac so that I could manage development of the Software Carpentry course. Unfortunately, spammers have figured out how to bomb Trac: over a dozen tickets relating to gay porn, online casinos, and the like have been filed, and there are literally dozens of comments (undeletable) along the same lines on the useful tickets. I could have prevented this by not giving anonymous users the ability to file tickets, but requiring people to register in order to give feedback on the course notes would greatly reduce the amount of feedback I got. I don't have an answer to this, but we're going to have to come up with one for DrProject. We're also going to have to come up with a better way to manage user accounts. Right now, DrP requires people to have accounts on the underlying Unix system. That makes sense for classroom use, but not for "open" projects --- I've had to request guest accounts so that people outside the university can be on the DrP development mailing list, for examlpe, and that doesn't scale to dozens of contributors. I do not want to add user account management, password checking, and the like to DrP: it's a lot of work to do properly, a security hole when done improperly, and synchronizing it all with Subversion would be just one more thing that could go wrong. If you have ideas, I'm easy to find...
comments powered by Disqus