From 31b818aca8515005169e073c6a7188ddbbbf880d Mon Sep 17 00:00:00 2001
From: Baptiste Mispelon <bmispelon@gmail.com>
Date: Fri, 16 Feb 2024 07:09:39 +0100
Subject: [PATCH] Disabled about page and web upload of plugins.

The about page was not linked from any page, and would expose sensitive
environment variable to admins.

Web upload of plugins was not used and is undesirable for us.
---
 trac-env/conf/trac.ini | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/trac-env/conf/trac.ini b/trac-env/conf/trac.ini
index ed17c18..e7fc50b 100644
--- a/trac-env/conf/trac.ini
+++ b/trac-env/conf/trac.ini
@@ -11,6 +11,8 @@ wiki_format_messages = enabled
 
 [components]
 navhider.filter.* = enabled
+trac.about.* = disabled
+trac.admin.web_ui.PluginAdminPanel = disabled
 trac.ticket.query.* = enabled
 trac.ticket.query.querymodule = enabled
 trac.ticket.query.ticketquerymacro = enabled