response

2008-11-05 14:58:35 -05:00 · 2008-11-05 14:58:35 -05:00 · b609ae76ed
parent 6fbe214d91
commit b609ae76ed
1 changed files with 4 additions and 0 deletions
--- a/doc/plugins/po.mdwn
+++ b/doc/plugins/po.mdwn
@ -231,6 +231,10 @@ Security checks
  > I've checked in a change fixing that. --[[Joey]]
 - `refreshpofiles` and `refreshpot` create new files; this may need
  some checks, e.g. using `IkiWiki::prep_writefile()`
+  > Yes, it would be ideal to call `prep_writefile` on each file 
+  > that they write, beforehand. This way you'd avoid symlink attacks etc to the
+  > generated po/pot files. I haven't done it, but it seems pretty trivial.
+  > --[[Joey]]
 - Can any sort of directives be put in po files that will
  cause mischief (ie, include other files, run commands, crash gettext,
  whatever).