]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - doc/setup/byhand/discussion.mdwn
projects / git.ikiwiki.info.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
yes, not committing the setup file to the same VCS is a security thing
[git.ikiwiki.info.git] / doc / setup / byhand / discussion.mdwn
diff --git a/doc/setup/byhand/discussion.mdwn b/doc/setup/byhand/discussion.mdwn
index 941976789619375d2557bc7e44d7215fc12087c6..6fc931ad3b5b8e04c2d1a79db50eaa42ef50bb25 100644 (file)
--- a/doc/setup/byhand/discussion.mdwn
+++ b/doc/setup/byhand/discussion.mdwn
@@ -5,3 +5,16 @@ What directory is the 'working copy'? There can be two interpretations: the curr
 > copies of all the versioned files, and whatever VCS-specific cruft that
 > entails. So, a working copy is everything you get when you `git clone`
 > a repository. --[[Joey]]
+
+-------------------
+
+The page says *"Note that this file should **not** be put in your wiki's directory with the rest of the files."* Why is that?
+
+One possible thing is security: Is it just a precaution or would anyone with "write" access to wiki be able to replace the file?
+
+ --[[Martian]]
+
+> Anyone with the ability to delete/replace attachments via the web UI, or the ability
+> to commit directly to the VCS, would be able to replace it. That breaks ikiwiki's
+> security model, because replacing the setup file is sufficient to achieve
+> arbitrary code execution as the user running the CGI and VCS hooks. --[[smcv]]
Unnamed repository; edit this file 'description' to name the repository.