public website generate and promote scripts don't require authorization
|Reported by:||maphew||Owned by:||warmerdam|
The links to osgeo4w-regen.sh and osgeo4w-promote.sh from wiki:PackagingInstructions can be initiated by anonymous users. This opens the door to trivial denial of service attacks as regen in particular consumes server resources. Even if we disregard malicious intent a curious surfer could prematurely promote the setup-test.ini to production.