1 1. We have a `$srcdir/writable/page.mdwn` source file in Git.
2 2. ikiwiki is configured to allow edits via the CGI in `writable/*`,
4 2. Modify `$srcdir/writable/page.mdwn`, commit ⇒ commit `$id`.
5 3. `git mv $srcdir/writable/page.mdwn $srcdir/read-only/page.mdwn`
7 ⇒ The web interface allows reverting commit `$id` (presumably because
8 it changes files only in `$srcdir/writable`). This operation
9 effectively modifies `$srcdir/read-only/page.mdwn`, which feels wrong.
10 My guess is that `check_canchange` does not take into account that Git
11 will automatically detect that the file affected by the to-be-reverted
12 commit has moved, and modify the file in its new location
15 > Working on it. In future please report non-public security
16 > vulnerabilities (such as authorization bypass) by private email to the
17 > maintainers, so that they are not visible to the general public
18 > until we have had a chance to fix the bug. --[[smcv]]