See
TWikiGroups.
Currently it shows:
--
TWiki:Main/MichaelDaum - 06 Mar 2008
(Never mind the red background color on TWikiContributor.)
--
TWiki:Main.MichaelDaum - 06 Mar 2008
I am not sure if there is a connection and if it has been fixed: TWiki has/had a
user called TWikiAdminGroup, which is highly confusing. Above entry could be caused by this (unless spec was changed.)
--
TWiki:Main.PeterThoeny - 06 Mar 2008
See the
TWikiAdminGroup. It is empty and there's no passwd related to an admin account called TWikiAdminGroup, at least not on my installs. I think this is a plain programming error, not sever at all.
--
TWiki:Main.MichaelDaum - 06 Mar 2008
I actually also remember someone - probably on IRC - talking about the fact that
TWikiAdminGroup was both a group and a user. And that this "user" was only used internally in TWiki. Ie. did not exist as a user that can log in. It is confusing. In fact I find the whole admin process confusing and the sudo login has not made things easier (I originally argued for a different approach but at the end agreed to accept it as a compromize and has to accept that this is what we decided). But this
TWikiAdminGroup which in come cases is seen as a user should be totally hidden to the users so I agree that it is a bug that it is listed in the TWikiGroups. It should be filtered out.
--
TWiki:Main.KennethLavrsen - 06 Mar 2008
The TWkiAdminGroup
user is (was?) used to update statistics etc. It is better to rename it to something more intuitive, such as TWikiDaemon, TWikiBot or the like. As such I find it useful to list that user in the TWikiAdminGroup and to ship a TWikiDaemon topic that explains what this user is about.
--
TWiki:Main.PeterThoeny - 07 Mar 2008
There is, and always has been, an internal Admin user, who's name is set in the configuration file - see
{AdminUserWikiName}
That this user has been hidden from you in prior versions, due to the nature of the being able to have a user with the same name as a group, is a security issue, that thankfully is now resolved.
to put it in simple terms,
TWikiAdminGroup has got member
TWikiAdminGroup is correct, and there is no bug. If you want to change that user's name, goto configure, and change it. (same as in 4.1, 4.0, 3.0...)
--
TWiki:Main.SvenDowideit - 13 Mar 2008
What was the security issue you mentioned, Sven?
Is there a pending security issue in 4.1.2?
Do we need to ship a security patch release for it?
Why is there no TWikiAdmin user?
--
TWiki:Main.MichaelDaum - 13 Mar 2008
Using the same name for user
and group is common in Unix. For usability in the wiki I think we should do this for the distribution:
- Keep group name TWikiAdminGroup as is
- Rename user name TWikiAdminGroup to TWikiDaemon (topic name and
{AdminUserWikiName}
setting)
--
TWiki:Main.PeterThoeny - 13 Mar 2008
Why not make TWikiAdmin a real user account that is member of the TWikiAdminGroup and that people can use to login?
--
TWiki:Main.MichaelDaum - 13 Mar 2008
To rearrange the sentence - "That this user has been hidden from you in prior versions is a security issue, whereby we hide the fact that creating a user with
that name is magically admin.". From what I recal, This won't happen through normal registration, because the Group topic gets in the way - but they rename it and
do not create a topic they might have trouble.
Personally I consider the internal user a real user account, but there is
nothing stopping you from creating a real user account. Point is that we can't ship with one reliably.
--
TWiki:Main.SvenDowideit - 13 Mar 2008
Hence a TWikiDaemon user, renamed from the confusing TWikiAdminGroup user.
--
TWiki:Main.PeterThoeny - 04 Jun 2008
I just checked the 4.2.1 code and the TWikiAdminGroup (user) is NOT shown as a member of TWikiAdminGroup any longer.
It seems this problem is already resolved. The member is now TWikiAdminUser.
I am closing this bug.
--
TWiki:Main.KennethLavrsen - 05 Jun 2008