X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/975ae0944cdd18a510d803da7a499c2247ac855e..c631877d90adaf1ca77f30bedad61b8c54f2dfa3:/doc/security.mdwn?ds=inline diff --git a/doc/security.mdwn b/doc/security.mdwn index 0f8861d0d..3743adea1 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -161,7 +161,8 @@ page from the web, which follows the symlink when reading the page, and again when saving the changed page. This was fixed by making ikiwiki refuse to read or write to files that are -symlinks, combined with the above locking. +symlinks, or that are in subdirectories that are symlinks, combined with +the above locking. ## underlaydir override attacks