Security Alert
The default installation mails new user info to PeterThoeny
- The default install has PeterThoeny as the WIKIWEBMASTER
- The TWikiRegistration script emails new user info to the WIKIWEBMASTER
- Versions before 2000-12-01 even include the user's password in the email!!!
- (I am not sure of the exact date this "minor" mistake was fixed.)
- The short-term solution is to hand-edit (ie NOT via TWiki) the TWikiPreferences page BEFORE creating any users.
- The long-term solution is to provide a secure set of default pages.
- This behaviour is simply unforgivable.
(Because everyone has the ability to edit a TWiki, the responsibility for keeping the documentation current and correct is shared. In this respect wikis have the "viral" aspect of the GPL.)
-- TWikiGuest - 28 Nov 2000
Dear Guest:
This normally does not happen if you read the docs, because it is clearly marked. The config file wikicfg.pm states it two times:
- in header:
# - Customize variables in wikicfg.pm when installing TWiki.
NOTE: Don't forget to customize also the TWikiPreferences topic.
- at the end of the variables:
# NOTE: Don't forget to customize also the TWikiPreferences topic.
My email address is in there for a simple reason: Ease of testing. I want to make sure that Beta and production releases are tested and do work before being distributed.
I will update the TWikiInstallationGuide to state that the webmaster needs to be set in the TWikiPreferences topic. Thanks for pointing this out.
-- PeterThoeny - 28 Nov 2000
I double checked and found out that I still get the notification emails even when the email address is set to a non-existing address; it bounces back with a "delivery problem" message. That means I can test TWiki without my email address, so I removed it from the TWikiPreferences in the distribution. I repackaged the 01 Dec 2000 production release; it now also contains the TWikiFAQ (but the Perl scripts are untouched).
-- PeterThoeny - 30 Nov 2000