notes about this plugin, including a security issue
parent
bb7179966c
commit
a70b71c663
|
@ -0,0 +1,14 @@
|
|||
I'd like to include this in ikiwiki. Using vim for syntax highlighting is
|
||||
suprising to me, but it seems to work great. Would it be possible to
|
||||
license it the same as the rest of ikiwiki (GPL) instead of dragging in the
|
||||
perl license?
|
||||
|
||||
Text::VimColor will need to be added to Debian..
|
||||
|
||||
It looks to me like the file parameter is a security hole, since it allows
|
||||
inclusion of arbitrary files into the wiki, including ones outside of the
|
||||
wiki source tree. I think this option should either be removed, or be
|
||||
limited to reading files inside the wiki source tree. If it's retained it
|
||||
should also add an appropriate dependency on the included file.
|
||||
|
||||
--[[Joey]]
|
Loading…
Reference in New Issue