urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

up

master
joey 2006-03-11 05:41:25 +00:00
parent 69d70eb3ba
commit 965afd875c
4 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/bugs.mdwn
View File

@ -10,3 +10,5 @@
"Host key verification failed." "Host key verification failed."
I think that the setuid isn't fully taking; it should be running as me, I think that the setuid isn't fully taking; it should be running as me,
but commit log shows www-data. So maybe it has the wrong username? but commit log shows www-data. So maybe it has the wrong username?
* Can't put the source in a directory named .source; the page finder skips
that due to too broad exclusion of any dotfile in a path.

8
doc/security.mdwn
View File

@ -74,6 +74,12 @@ Even with locking, if an attacker has local write access to the checkout,
they could still fool ikiwiki using similar races. So it's best if only one they could still fool ikiwiki using similar races. So it's best if only one
person can ever write to the checkout that ikiwiki compiles the moo from. person can ever write to the checkout that ikiwiki compiles the moo from.
## webserver symlink attacks
If someone checks in a symlink to /etc/passwd, ikiwiki would publish that.
To aoid this, ikiwiki will need to avoid reading files that are symlinks.
TODO and note discussion of races above.
## cgi security ## cgi security
When ikiwiki runs as a cgi to edit a page, it is passed the name of the When ikiwiki runs as a cgi to edit a page, it is passed the name of the
@ -82,4 +88,4 @@ editing of ../../../foo, or editing of files that are not part of the wiki,
such as subversion dotfiles. This is done by sanitising the filename such as subversion dotfiles. This is done by sanitising the filename
removing unallowed characters, then making sure it doesn't start with "/" removing unallowed characters, then making sure it doesn't start with "/"
or contain ".." or "/.svn/". Annoyingly ad-hoc, this kind of code is where or contain ".." or "/.svn/". Annoyingly ad-hoc, this kind of code is where
security holes breed. security holes breed. It needs a test suite at the very least.

7
doc/todo.mdwn
View File

@ -6,12 +6,9 @@
* No support for web user tracking/login yet. * No support for web user tracking/login yet.
* Doesn't svn commit yet. * Doesn't svn commit yet.
## [[RecentChanges]] ## recentchanges
This will need to be another cgi script, that grubs through the Should support RSS for notification of new and changed pages.
[[Subversion]] logs.
This should support RSS for notification of new and changed pages.
## page history ## page history

2
ikiwiki
View File

@ -701,6 +701,7 @@ sub cgi () {
print $q->header, print $q->header,
$q->start_html("Creating $page"), $q->start_html("Creating $page"),
$q->start_h1("<a href=\"$url\">$wikiname</a>/ Creating $page"), $q->start_h1("<a href=\"$url\">$wikiname</a>/ Creating $page"),
$q->end_hi,
$q->start_form(-action => $action), $q->start_form(-action => $action),
$q->hidden('do'), $q->hidden('do'),
"Select page location:", "Select page location:",
@ -728,6 +729,7 @@ sub cgi () {
print $q->header, print $q->header,
$q->start_html("Editing $page"), $q->start_html("Editing $page"),
$q->h1("<a href=\"$url\">$wikiname</a>/ Editing $page"), $q->h1("<a href=\"$url\">$wikiname</a>/ Editing $page"),
$q->end_hi,
$q->start_form(-action => $action), $q->start_form(-action => $action),
$q->hidden('do'), $q->hidden('do'),
$q->hidden('page'), $q->hidden('page'),