Changes for page What an XWiki Security Review Should Actually Include
Last modified by Agnease on 2026/06/08 18:44
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -236,6 +236,16 @@ 236 236 permissions, extensions, customizations and recovery procedures were configured years earlier. 237 237 </p> 238 238 239 + <div class="resource-note"> 240 + <p> 241 + <strong>Security review series:</strong> 242 + this article is the main overview. You can also read 243 + <a href="$xwiki.getURL('resources.xwiki-access-rights-governance')">why XWiki access rights need a clear governance model</a>. 244 + Future topics will cover authentication and access control, script and programming rights, backup validation, 245 + extension review and operational practices. 246 + </p> 247 + </div> 248 + 239 239 <h2 id="security-review-faq">XWiki security review FAQ</h2> 240 240 241 241 <h3>What should an XWiki security review include?</h3> ... ... @@ -275,6 +275,7 @@ 275 275 <div class="resource-note"> 276 276 <p> 277 277 Related resources: 288 + <a href="$xwiki.getURL('resources.xwiki-access-rights-governance')">why XWiki access rights need a clear governance model</a>, 278 278 <a href="$xwiki.getURL('resources.why-upgrade-xwiki')">why regular XWiki upgrades matter</a> 279 279 and 280 280 <a href="$xwiki.getURL('resources.xwiki-custom-development')">how to keep XWiki custom development maintainable across upgrades</a>.