Commit Graph

77 Commits (706bcbfe66841cad47615b2178ac430504e0cf17)

Author SHA1 Message Date
Joey Hess c1289de1ef cve id 2008-05-31 20:16:18 -04:00
Joey Hess d8ec77a3cd fix link 2008-05-30 18:27:37 -04:00
Joey Hess 2bf2af30ea more on the security hole 2008-05-30 18:26:04 -04:00
Joey Hess 4152dca09e documentation for use of hashed passwords
Everything but the actual coding to support them.
2008-05-29 15:17:19 -04:00
Joey Hess 3912a9f5e9 add CVE link 2008-04-20 15:25:51 -04:00
Joey Hess 7f51c69491 releasing version 2.42 2008-04-10 17:24:08 -04:00
Joey Hess 72b5ef2c5f Fix CSRF attacks against the preferences and edit forms. Closes: #475445
The fix involved embedding the session id in the forms, and not allowing the
forms to be submitted if the embedded id does not match the session id.

In the case of the preferences form, if the session id is not embedded,
then the CGI parameters are cleared. This avoids a secondary attack where the
link to the preferences form prefills password or other fields, and
the user hits "submit" without noticing these prefilled values.

In the case of the editpage form, the anonok plugin can allow anyone to edit,
and so I chose not to guard against CSRF attacks against users who are not
logged in. Otherwise, it also embeds the session id and checks it.

For page editing, I assume that the user will notice if content or commit
message is changed because of CGI parameters, and won't blndly hit save page.
So I didn't block those CGI paramters. (It's even possible to use those CGI
parameters, for good, not for evil, I guess..)

The only other CSRF attack I can think of in ikiwiki involves the poll plugin.
It's certianly possible to set up a link that causes the user to unknowingly
vote in a poll. However, the poll plugin is not intended to be used for things
that people would want to attack, since anyone can after all edit the poll page
and fill in any values they like. So this "attack" is ignorable.
2008-04-10 16:35:30 -04:00
Joey Hess 609e74bbd8 fix what I think is a typo 2008-04-10 16:08:59 -04:00
Joey Hess 0737121a73 add CVE ids 2008-02-20 16:48:38 -05:00
Joey Hess 0e445d62d2 some updates about the recent hole 2008-02-10 19:00:26 -05:00
Joey Hess 71ccaf0751 a few thoughts on data: security 2008-02-10 15:55:42 -05:00
Joey Hess 4e791ed695 document security fix
The backported fix for stable is tagged and waiting for the security team
to upload.
2008-02-10 14:00:00 -05:00
Joey Hess 8937e5e285 typo 2007-12-22 01:36:55 -05:00
Joey Hess ce70d375a4 more 2007-11-27 12:50:42 -05:00
Joey Hess cfdba3c708 remove svn-isms 2007-11-27 12:49:41 -05:00
Joey Hess cb777df041 add some documentation about how to safely allow multiple committers to an
ikiwiki git repository
2007-11-27 12:41:18 -05:00
Joey Hess e15e3202eb releasing version 2.14 2007-11-26 15:30:44 -05:00
joey c8b4ba354f * Fix a security hole that allowed insertion of unsafe content via the meta
plugins's support for inserting html link and meta tags. Now such content
  is passed through the htmlscrubber like everything else.
* Unfortunatly, that means that some valid uses of those tags are no longer
  usable, and special case methods needed to be added for including
  stylesheets, and for doing openid delegation. If you use either of these
  in your wiki, it will need to be modified. See the meta plugin docs
  for details.
2007-03-21 18:52:56 +00:00
joey 1c65ca4922 * Fix a few bugs around page titles containing html. The worst of these
is an actual security hole as it allows insertion of html into the title
  element of a page, which is not processed by the htmlscrubber.
2007-03-21 06:05:21 +00:00
joey 40f318f3e9 document recent security hole 2007-02-14 01:31:31 +00:00
joey c54f2e20ac web commit by JeremyReed: typo fix 2006-12-27 03:43:56 +00:00
joey 9d63be9af9 web commit by http://id.kurokatta.org/david: Copyedit. 2006-11-21 12:43:22 +00:00
joey c49af80ab3 some notes about the security (or lack thereof) of plugins 2006-10-22 21:12:21 +00:00
joey e16746a52f * Add toc (table of contents) plugin. 2006-08-28 07:40:20 +00:00
joey 4a4c0b6268 update 2006-08-28 04:35:49 +00:00
joey 4ad7c9d625 * Patch from James Westby to add a --sslcookie switch, which forces
cookies to only be sent over ssl connections to avoid interception.
* Factor out the cgi header printing code into a new function.
* Fix preferences page on anonok wikis; still need to sign in to get
  to the preferences page.
2006-08-27 20:25:05 +00:00
joey 9d7375c3b2 * Allow preprocessor directives to contain python-like triple-quoted
text blocks, for easy nesting of quotes inside.
* Add a template plugin.
* Use the template plugin to add infoboxes to each plugin page listing basic
  info about the plugin.
2006-08-23 05:41:07 +00:00
joey 4d6f5e5a14 update 2006-08-18 06:22:38 +00:00
joey 2ea8fbe2d9 misc changes 2006-08-05 21:15:50 +00:00
joey 2c0b310cc2 releasing version 1.13 2006-08-02 01:31:39 +00:00
joey 8a5f9f6e00 security note 2006-07-30 06:08:56 +00:00
www-data dc35513522 web commit by ThomasSchwinge: Typo fixes. 2006-07-02 16:50:13 +00:00
www-data 995dfd6cf4 web commit by joey 2006-07-02 02:22:22 +00:00
joey 0bb605baf8 * Parse svn log as xml for improved utf8 and security. Note that this makes
ikiwiki depend on XML::Simple. Patch by Faidon Liambotis.
2006-07-02 02:18:31 +00:00
joey 140658bc51 * More security review. 2006-06-01 20:44:12 +00:00
joey 477c11ad4d typo 2006-05-26 16:23:48 +00:00
joey 6652de5e1a * Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber
and --disable-plugin htmlscrubber.
2006-05-05 05:41:11 +00:00
joey 54d5308cd8 * Added plugin system, currently only supporting for PreProcessorDirectives.
* Added a pagecount plugin, enabled by default.
* Support PreProcessorDirectives with no parameters, ie "[[pagecount ]]".
* Fixed/optimised backlinks code, to avoid rebuilding pages to update
  backlinks when the backlinks hadn't really changed.
* Moved inline page support, rss generation etc into the inline plugin,
  enabled by default.
* Added brokenlinks plugin, not enabled by default, but rather handy.
* Fix several broken links in the doc wiki.
2006-05-02 02:34:33 +00:00
www-data 788eebfc18 web commit by joey 2006-04-25 06:04:54 +00:00
www-data 699024fa15 web commit by joey 2006-04-25 06:04:20 +00:00
joey 2c64a9f6f1 security update 2006-04-25 06:02:38 +00:00
www-data 1a382e051f web commit by joey 2006-04-25 03:33:26 +00:00
www-data 903db5e5d5 web commit by joey 2006-04-25 03:33:17 +00:00
www-data dc558930f2 web commit by joey 2006-04-25 03:30:19 +00:00
joey d7aecf6ddc implemented html sanitisation 2006-04-25 03:18:21 +00:00
www-data ec9e013f3c web commit by joey 2006-04-25 00:39:19 +00:00
joey 698aeb2016 update 2006-04-24 23:05:17 +00:00
joey 1c8b757580 update 2006-04-24 23:03:40 +00:00
joey efe91335c6 improve fix for symlink attacks to check subdirectories for symlinks too
before writing
2006-03-29 18:50:36 +00:00
joey 975ae0944c Implemented --underlaydir, and moved files provided by underlay out of doc
so I don't need to maintain two copies anymore.

You might also want to remove the files provided in the basewiki underlay
from your wiki, if you have not created custom local versions of them, so
that these pages will be automatically updated in future ikiwiki upgrades.
2006-03-29 18:21:01 +00:00