1 Mar
2013
1 Mar
'13
1:41 a.m.
On Wed, Feb 27, 2013 at 5:26 PM, Alexander Rødseth <rodseth@gmail.com> wrote:
Hi,
2013/2/27 Angel Velásquez <angvp@archlinux.org>:
For solving the problem right now -quick and dirty-, we just have to add a validation (tsk tsk anyone who wants to sum contributions can code this silly patch), if the user is suspended don't let him flag the package and actually redirect him to the logout page (to kill those cookies).
Wouldn't he/she/they be able to just register more accounts and continue flagging packages this way?
Yes, a malicious user would be able to evade suspension by registering new accounts. In my opinion, those situations call for IP banning.