It would be great to provide an RSS feed of new SVG's submitted by people. That way we could have artcasting, right. This would be a great! Similarly, we could provide a daily RSS artcast that included a featured clip art.
From a security point of view I think this could be problematic.
This is NOT more problematic compared with the current display of the latest uploads. The only difference: having it in RSS allow syndication.
> This is NOT more problematic compared with the current display > of the latest uploads. Removing that was one of the security-related suggestions I had after the recent security-related outage. I agree that, security-wise, the two are equivalent; whether we publish the recently-submitted images that have not been reviewed and approved in any way via RSS, or simply via standard HTTP, the risk is the same. We should decide whether it's a risk we want to take or not, and make the decision on both accordingly, i.e., either don't publish incoming at all for security reasons, or else go ahead and have RSS syndication of incoming (if someone wants to implement it, a task I am not volunteering to do). I tend to think a compromise solution might be better, a system whereby people who log in with usernames and passwords, so that there is some accountability, can review incoming images, add or adjust keywords if necessary, and approve them, allowing them to then be moved from incoming to another folder ("new" perhaps) and published from there. Handing out accounts for this (note that they wouldn't need to be shell accounts) rather liberally would still provide better security than just publishing unreviewed and anonymously-contributed files, because it allows for better response in the event of an incident, and because the accountability would serve as a deterrent for some, and because it raises the bar a little in the first place, as an attacker would have to go to the trouble of requesting an account. It does introduce a delay before a contributed item is published, though.
This now works at www.openclipart.org/cchost
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.