You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be really useful to have a way of importing directories/tarballs/zips of content to tendenci. I'm specifically thinking themes, extra files for themes and bulk import of documents (e.g. for a group).
That is the goal. But we aren't there yet. Tendenci 4 was ASP and glad it's gone. T5 was our first real go at Django. T6 is a transition state to work within the django migration internalization. T7 is the first open source release where we've been working at true standardization and server environment standardization.
There are SOOOOOO many viruses and malware options out there for linux. We don't want to fall down the rabbit hole Joomla or Wordpress did with security from uploaded plugins. Even though we definitely want plugins.
As a helpful note, what we do internally is mount files as partitions that are read / write only so even sudo can't execute an upload. Something along these lines:
But my /etc/fstab entries look more like this (in dev)
/usr/tmpDSK /tmp ext3 loop,noexec,nosuid,rw 0 0
on the flip side django needs read/write/execute to write to those files if run as root so I am unsure of a global fix without greater control of the hosting environment (which I don't want!!)
Suggestions are welcome. Thoughts are welcome. This is a server config issue so it's kind of hard to give it a fair answer in 5 minutes. Plus until openssl gets stabilized, the ciphers and encryption keys make everything dangerous. Lame answer. Still in the queue.
It would be really useful to have a way of importing directories/tarballs/zips of content to tendenci. I'm specifically thinking themes, extra files for themes and bulk import of documents (e.g. for a group).
The text was updated successfully, but these errors were encountered: