Page MenuHomePhabricator
Create Task
Maniphest T8773

Blocked users are able to create accounts
Closed, ResolvedPublic
Actions

Description

Since bug 550 is resolved, blocked users are allowed to create users. The dutch
entry in the log is then:
21 jul 2006 22:46 Occulair (Overleg | bijdragen | blokkeer) Maakte een account
voor Gebruiker:Effe Iets Andersd, Dan???Froggy (Overleg | bijdragen | blokkeer)
(don't know the english one)
Through some page users are allowed to create accounts. This possibility is not
blocked when a user is blocked, not even when the IP is prevented to create
users. The created users seem not to be able to edit. A troll on nl.wp is using
this leak, and creating accounts, and trolling that way. If this could be fixed,
please. It could be temporarily fixed by taking away the createuser-ability from
all logged-in users on nl.wikipedia , though, this is not perfect, as all wiki's
will have the same problem. Thanks.

Version: unspecified
Severity: major

Details

Reference
bz6773

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 9:19 PM
bzimport added a project: MediaWiki-General.
bzimport set Reference to bz6773.
bzimport added a subscriber: Unknown Object (MLST).
Effeietsanders created this task.Jul 21 2006, 9:43 PM
bzimport added a comment.Jul 21 2006, 10:26 PM

ayg wrote:

Please provide exact links to the user and block logs if possible, demonstrating
that users were being created when their IP was blocked. I just tried this, and
get the message "Account creation from this IP address (...) has been
temporarily restricted. This is probably due to persistent vandalism from the
shared IP address you are editing from, most likely from your school or internet
service provider.". Are you sure the blocks prohibited account creation?

daniel added a comment.Jul 21 2006, 10:32 PM

In any case, even if account creations is *not* blocked for the IP, it *should*
be blocked for the logged in, blocked user.

Effeietsanders added a comment.Jul 21 2006, 10:50 PM

user creating accounts:
http://nl.wikipedia.org/w/index.php?title=Speciaal%3ALog&type=&user=Occulair&page=
Blocked user:
http://nl.wikipedia.org/w/index.php?title=Speciaal%3ALog&type=&user=&page=user%3AOcculair

So oscar blocked him, and he was able to create accounts. Afaik, you should
check maybe, was the IP of this user also blocked after the change with fixing
bug 550. This was done after a checkuser.

Effeietsanders added a comment.Jul 22 2006, 8:30 AM
  • This bug has been marked as a duplicate of 6775 ***
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL