Add notes about possible security issues with rename - these look to be already covered in the source, but I wanted to make sure they're listed in the docs too.

2008-07-24 21:46:23 -04:00 · 2008-07-24 21:46:23 -04:00 · 7a070c64fa
parent 058e7e451c
commit 7a070c64fa
1 changed files with 6 additions and 0 deletions
--- a/doc/todo/Moving_Pages.mdwn
+++ b/doc/todo/Moving_Pages.mdwn
@ -205,3 +205,9 @@ Cases to consider:
  Update: Meh. It's certianly not ideal; if Bob tries to save the page he
  uploaded the attachment to, he'll get a message about it having been
  deleted/renamed, and he can try to figure out what to do... :-/
+* I don't know if this is a conflict, but it is an important case to consider;
+  you need to make sure that there are no security holes.  You dont want
+  someone to be able to rename something to <code>/etc/passwd</code>.
+  I think it would be enough that you cannot rename to a location outside
+  of srcdir, you cannot rename to a location that you wouldn't be able
+  to edit because it is locked, and you cannot rename to an existing page.