Commit Graph

134 Commits (2e19c82cb5974b5d2365ae11b6fd4053a299030d)

Author SHA1 Message Date
Joey Hess 41122048b9 teximg security problem 2009-08-30 15:20:32 -04:00
JoshTriplett 8202cfe19e Fix version. 2008-12-31 18:10:18 -05:00
Joey Hess 97cb036811 note fix versions 2008-11-12 17:35:21 -05:00
Joey Hess 716560b7f1 check for invalid utf-8, and toss it back to avoid crashes
Since ikiwiki uses open :utf8, perl assumes that files contain valid utf-8.
If it turns out to be malformed it may later crash while processing strings
read from them, with 'Malformed UTF-8 character (fatal)'.

As at least a quick fix, use utf8::valid as soon as data is read, and if
it's not valid, call encode_utf8 on the string, thus clearing the utf-8
flag. This may cause follow-on encoding problems, but will avoid this
crash, and the input file was broken anyway, so GIGO is a reasonable
response. (I looked at calling decode_utf8 after, but it seemed to cause
more trouble than it was worth. BTW, use open ':encoding(utf8)' avoids
this problem, but the corrupted data later causes Storable to crash when
writing the index.)

This is a quick fix, clearly imperfect:
- It might be better to explicitly call decode_utf8 when reading files,
  rather than using the IO layer.
- Data read other than by readfile() can still sneak in bad utf-8. While
  ikiwiki does very little file input not using it, stdin for the CGI
  would be one way.
2008-11-12 17:30:54 -05:00
Joey Hess 4f06e7402a remove ikiwiki.setup
To generate your own, use ikiwiki -dumpsetup ikiwiki.setup

Update docs.
2008-07-26 22:55:39 -04:00
Simon McVittie 47d179802d Migrate everything else via prefix_directives
This is a partial commit of:
egrep -rl '\[\[[a-z]+ ' doc | xargs --max-args 1 ./ikiwiki-transition
prefix_directives
2008-07-21 12:32:31 +01:00
Joey Hess f8e33430d8 update 2008-07-02 16:47:29 -04:00
Joey Hess c1289de1ef cve id 2008-05-31 20:16:18 -04:00
Joey Hess d8ec77a3cd fix link 2008-05-30 18:27:37 -04:00
Joey Hess 2bf2af30ea more on the security hole 2008-05-30 18:26:04 -04:00
Joey Hess 4152dca09e documentation for use of hashed passwords
Everything but the actual coding to support them.
2008-05-29 15:17:19 -04:00
Joey Hess 3912a9f5e9 add CVE link 2008-04-20 15:25:51 -04:00
Joey Hess 7f51c69491 releasing version 2.42 2008-04-10 17:24:08 -04:00
Joey Hess 72b5ef2c5f Fix CSRF attacks against the preferences and edit forms. Closes: #475445
The fix involved embedding the session id in the forms, and not allowing the
forms to be submitted if the embedded id does not match the session id.

In the case of the preferences form, if the session id is not embedded,
then the CGI parameters are cleared. This avoids a secondary attack where the
link to the preferences form prefills password or other fields, and
the user hits "submit" without noticing these prefilled values.

In the case of the editpage form, the anonok plugin can allow anyone to edit,
and so I chose not to guard against CSRF attacks against users who are not
logged in. Otherwise, it also embeds the session id and checks it.

For page editing, I assume that the user will notice if content or commit
message is changed because of CGI parameters, and won't blindly hit save page.
So I didn't block those CGI parameters. (It's even possible to use those CGI
parameters, for good, not for evil, I guess..)

The only other CSRF attack I can think of in ikiwiki involves the poll plugin.
It's certainly possible to set up a link that causes the user to unknowingly
vote in a poll. However, the poll plugin is not intended to be used for things
that people would want to attack, since anyone can after all edit the poll page
and fill in any values they like. So this "attack" is ignorable.
2008-04-10 16:35:30 -04:00
Joey Hess 609e74bbd8 fix what I think is a typo 2008-04-10 16:08:59 -04:00
Joey Hess 0737121a73 add CVE ids 2008-02-20 16:48:38 -05:00
Joey Hess 0e445d62d2 some updates about the recent hole 2008-02-10 19:00:26 -05:00
Joey Hess 71ccaf0751 a few thoughts on data: security 2008-02-10 15:55:42 -05:00
Joey Hess 4e791ed695 document security fix
The backported fix for stable is tagged and waiting for the security team
to upload.
2008-02-10 14:00:00 -05:00
Joey Hess 8937e5e285 typo 2007-12-22 01:36:55 -05:00
Joey Hess ce70d375a4 more 2007-11-27 12:50:42 -05:00
Joey Hess cfdba3c708 remove svn-isms 2007-11-27 12:49:41 -05:00
Joey Hess cb777df041 add some documentation about how to safely allow multiple committers to an
ikiwiki git repository
2007-11-27 12:41:18 -05:00
Joey Hess e15e3202eb releasing version 2.14 2007-11-26 15:30:44 -05:00
joey c8b4ba354f * Fix a security hole that allowed insertion of unsafe content via the meta
  plugin's support for inserting html link and meta tags. Now such content
  is passed through the htmlscrubber like everything else.
* Unfortunately, that means that some valid uses of those tags are no longer
  usable, and special case methods needed to be added for including
  stylesheets, and for doing openid delegation. If you use either of these
  in your wiki, it will need to be modified. See the meta plugin docs
  for details.
2007-03-21 18:52:56 +00:00
joey 1c65ca4922 * Fix a few bugs around page titles containing html. The worst of these
  is an actual security hole as it allows insertion of html into the title
  element of a page, which is not processed by the htmlscrubber.
2007-03-21 06:05:21 +00:00
joey 40f318f3e9 document recent security hole 2007-02-14 01:31:31 +00:00
joey c54f2e20ac web commit by JeremyReed: typo fix 2006-12-27 03:43:56 +00:00
joey 9d63be9af9 web commit by http://id.kurokatta.org/david: Copyedit. 2006-11-21 12:43:22 +00:00
joey c49af80ab3 some notes about the security (or lack thereof) of plugins 2006-10-22 21:12:21 +00:00
joey e16746a52f * Add toc (table of contents) plugin. 2006-08-28 07:40:20 +00:00
joey 4a4c0b6268 update 2006-08-28 04:35:49 +00:00
joey 4ad7c9d625 * Patch from James Westby to add a --sslcookie switch, which forces
  cookies to only be sent over ssl connections to avoid interception.
* Factor out the cgi header printing code into a new function.
* Fix preferences page on anonok wikis; still need to sign in to get
  to the preferences page.
2006-08-27 20:25:05 +00:00
joey 9d7375c3b2 * Allow preprocessor directives to contain python-like triple-quoted
  text blocks, for easy nesting of quotes inside.
* Add a template plugin.
* Use the template plugin to add infoboxes to each plugin page listing basic
  info about the plugin.
2006-08-23 05:41:07 +00:00
joey 4d6f5e5a14 update 2006-08-18 06:22:38 +00:00
joey 2ea8fbe2d9 misc changes 2006-08-05 21:15:50 +00:00
joey 2c0b310cc2 releasing version 1.13 2006-08-02 01:31:39 +00:00
joey 8a5f9f6e00 security note 2006-07-30 06:08:56 +00:00
www-data dc35513522 web commit by ThomasSchwinge: Typo fixes. 2006-07-02 16:50:13 +00:00
www-data 995dfd6cf4 web commit by joey 2006-07-02 02:22:22 +00:00
joey 0bb605baf8 * Parse svn log as xml for improved utf8 and security. Note that this makes
  ikiwiki depend on XML::Simple. Patch by Faidon Liambotis.
2006-07-02 02:18:31 +00:00
joey 140658bc51 * More security review. 2006-06-01 20:44:12 +00:00
joey 477c11ad4d typo 2006-05-26 16:23:48 +00:00
joey 6652de5e1a * Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber
  and --disable-plugin htmlscrubber.
2006-05-05 05:41:11 +00:00
joey 54d5308cd8 * Added plugin system, currently only supporting PreProcessorDirectives.
* Added a pagecount plugin, enabled by default.
* Support PreProcessorDirectives with no parameters, i.e. "[[pagecount ]]".
* Fixed/optimised backlinks code, to avoid rebuilding pages to update
  backlinks when the backlinks hadn't really changed.
* Moved inline page support, rss generation etc into the inline plugin,
  enabled by default.
* Added brokenlinks plugin, not enabled by default, but rather handy.
* Fix several broken links in the doc wiki.
2006-05-02 02:34:33 +00:00
www-data 788eebfc18 web commit by joey 2006-04-25 06:04:54 +00:00
www-data 699024fa15 web commit by joey 2006-04-25 06:04:20 +00:00
joey 2c64a9f6f1 security update 2006-04-25 06:02:38 +00:00
www-data 1a382e051f web commit by joey 2006-04-25 03:33:26 +00:00
www-data 903db5e5d5 web commit by joey 2006-04-25 03:33:17 +00:00
www-data dc558930f2 web commit by joey 2006-04-25 03:30:19 +00:00
joey d7aecf6ddc implemented html sanitisation 2006-04-25 03:18:21 +00:00
www-data ec9e013f3c web commit by joey 2006-04-25 00:39:19 +00:00
joey 698aeb2016 update 2006-04-24 23:05:17 +00:00
joey 1c8b757580 update 2006-04-24 23:03:40 +00:00
joey efe91335c6 improve fix for symlink attacks to check subdirectories for symlinks too
before writing
2006-03-29 18:50:36 +00:00
joey 975ae0944c Implemented --underlaydir, and moved files provided by underlay out of doc
so I don't need to maintain two copies anymore.

You might also want to remove the files provided in the basewiki underlay
from your wiki, if you have not created custom local versions of them, so
that these pages will be automatically updated in future ikiwiki upgrades.
2006-03-29 18:21:01 +00:00
joey 9092356173 added --getctime 2006-03-26 02:30:44 +00:00
joey 62f1f9732b found & fixed another symlink attack 2006-03-23 04:33:35 +00:00
joey 325d5c791f added adminuser settings, globlist support, and used this to implement page
locking
2006-03-23 01:40:46 +00:00
www-data ae0475367c web commit by joey 2006-03-19 22:01:43 +00:00
www-data cc5248c5f6 web commit by joey 2006-03-19 22:00:58 +00:00
www-data 1d8e719e6a web commit by joey 2006-03-19 22:00:23 +00:00
www-data 93f8af972b web commit by joey 2006-03-19 20:49:26 +00:00
www-data c0a2814124 web commit by joey 2006-03-16 21:09:41 +00:00
www-data c868d08aeb web commit by joey 2006-03-16 21:07:32 +00:00
www-data 18879c0a14 web commit by joey 2006-03-16 21:06:32 +00:00
www-data 0340c45ea1 web commit by joey 2006-03-15 06:10:26 +00:00
www-data 7f6610f249 web commit by joey 2006-03-15 06:02:57 +00:00
www-data 4c232a06de web commit by joey 2006-03-15 05:56:48 +00:00
joey 0f35669dd6 foo 2006-03-13 19:31:05 +00:00
joey 0563a600e9 security improvements, switched to single session db file 2006-03-12 18:07:14 +00:00
joey 1311d67f0d added signin form, although it needs to be hooked up to a user store 2006-03-12 02:22:29 +00:00
www-data b35fee6c6d web commit from 66.118.98.137: 2006-03-11 06:03:44 +00:00
www-data fd69e837b6 web commit from 66.118.98.137: 2006-03-11 06:03:30 +00:00
www-data dce2ce40e8 web commit from 66.118.98.137: 2006-03-11 06:02:51 +00:00
www-data 8440a771c1 web commit from 66.118.98.137: 2006-03-11 06:00:48 +00:00
joey 965afd875c up 2006-03-11 05:41:25 +00:00
joey 57706b5d4a foo 2006-03-11 05:08:25 +00:00
joey deb4e4b0c2 update 2006-03-10 23:43:44 +00:00
joey 942d5896cd added cgi support 2006-03-10 23:16:09 +00:00
joey d5566303d6 foo 2006-03-10 09:16:07 +00:00
joey 9ab1c273f6 autowrapper 2006-03-10 09:02:09 +00:00
joey a1997e1994 add 2006-03-10 02:10:44 +00:00