White dot for spacing only
The Dice Project


Operational Meeting

Minutes of the meeting held on Wednesday 23rd January 2008
JCMB-2511

Present:
Toby Blake, Lindsey Brown, Neil Brown, Tim Colles (convener and minutes), Chris Cooke, Ken Dawson, Ian Durkacz, Graham Dutton, Stephen Quinney, George Ross, Rosemary Soutar, Craig Strachan, Simon Wilkinson
  1. Apologies for absence

    Alastair, Alison.

  2. minutes of the last meeting.

    These were accepted.

  3. Report from Computing Executive Group
    1. SL5 Upgrades

      All SL5 server upgrades to be be done by end of March. This is a tight deadline but we don't want this to overrun into preparing the Forum. Priority should be given to external facing servers. Ian has a web page for coordinating the upgrades.

    2. Innovation meeting on personal/mobility computing

      Ken noted that even though this meeting will happen Feb/Mar nothing will be done or started until Autumn due to other constraints on our time.

  4. Frontline Support Issues
  5. Reports from units.

  6. Topics for discussions

    The following topics were discussed:

  7. AOCB

    Simon drew our attention to 'CSRF' (Cross Site Redirection Fraud) so as anyone running web applications should check whether it affects them. Generally this affects users where they leave themselves signed on with one web service (such as googlemail) and then continue to browse the web - their authentication is retained in the browser and malicious web sites can make use of it, so best to always sign off before carrying on with browsing. Our sites are more susceptible because people are effectively always signed on with Cosign authentication. The fix is to embed hidden random codes in forms that can be checked by the server on a GET/POST operation and that a third party would not have access to or could predict.

    The next meeting will be on February 13th in the Buccleuch Place Seminar Room and chaired by George Ross.


 : Operational : Meetings 

Mini Informatics Logo - Link to Main Informatics Page
Please contact us with any comments or corrections.
Unless explicitly stated otherwise, all material is copyright The University of Edinburgh
Spacing Line