On Tue, Apr 29, 2014 at 5:42 PM, Yar <yardenack@gmail.com> wrote:
On Tue, Apr 29, 2014 at 12:50 AM, Matthew Senate <mattsenate@gmail.com> wrote:
> create your own account on the dev.sudoroom.org site using:
>
> user: sudoer
> pass: superuserdoroom

I appreciate all your hard work on this, but I would advocate for a
more security-conscious approach to this. My two concerns are:

1) We should not share a wordpress admin account passwords on a public
mailing list. Admin accounts are able to modify files on the server
and execute arbitrary code. This creates a very easy way for anybody
on the internet to pwn our entire web server and attack our users.

password changed
 
2) We should not serve the dev site on http or encourage users to
create accounts in cleartext. I can move it seamlessly to
https://sudoroom.org/dev/ with your consent.

We already have wordpress installed on sudoroom.org and this will cause redirection issues. I think it's better to have a dev.sudoroom.org to maintain total independence. Maybe we can get another SSL cert or use a self-signed?
 

I think we owe our users better than this, especially since we've
taught some of them to use Tor at our cryptoparties. They have trusted
us with email addresses and passwords in (among other things) the
blog, wiki, and mailman. This puts them and us at risk. It also
nullifies a lot of past time and effort that's gone into keeping our
server secure.

I should have told folks to only use demo / test / fake accounts. I hope no one thought they were signing up for anything other than a development site (that will be trashed in the future). I'll just set up demo accounts myself in the future and hand those out.
 
_______________________________________________
sudo-sys mailing list
sudo-sys@lists.sudoroom.org
https://lists.sudoroom.org/listinfo/sudo-sys
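As an added illustration of the second point in the thread (not a configuration from the sudoroom server or its authors), here is how a separate dev.sudoroom.org name can be served over TLS so that account creation never happens in cleartext, while leaving the main sudoroom.org WordPress install and its rewrite rules untouched. It assumes nginx with php-fpm and a certificate for dev.sudoroom.org (self-signed or CA-issued); all paths are placeholders.

```nginx
# Added example, not from the thread. Assumes nginx, php-fpm, and a
# certificate for dev.sudoroom.org at the placeholder paths below.

# Before (the weak setting): the dev site answered on plain http, so
# sign-ups and logins travelled in cleartext.
#
# server {
#     listen 80;
#     server_name dev.sudoroom.org;
#     root /var/www/dev;
# }

# After: port 80 only redirects; everything is served over TLS.
server {
    listen 80;
    server_name dev.sudoroom.org;
    return 301 https://dev.sudoroom.org$request_uri;
}

server {
    listen 443 ssl;
    server_name dev.sudoroom.org;

    # Placeholder paths. A self-signed cert works but browsers will warn
    # until a CA-issued certificate is installed.
    ssl_certificate     /etc/ssl/dev.sudoroom.org/fullchain.pem;
    ssl_certificate_key /etc/ssl/dev.sudoroom.org/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Ask browsers to stay on https for this host once they have seen it.
    add_header Strict-Transport-Security "max-age=31536000" always;

    root  /var/www/dev;   # assumed WordPress install path for the dev site
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php-fpm.sock;   # assumed php-fpm socket
    }
}
```

WordPress itself redirects to the URL stored as its site address, so the dev install's WP_HOME and WP_SITEURL (or the Settings page values) must also read https://dev.sudoroom.org, otherwise it will bounce visitors back to http and the redirect above will loop.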