added --getctime

author: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> 2006-03-26 02:30:44 +0000
committer: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> 2006-03-26 02:30:44 +0000
commit: 90923561734f17ad777237bed5e7b40e682344eb (patch)
tree: 8d1ef394472f0e36f167dc5683c6d368b2cb61d2 /doc/security.mdwn
parent: 3903c2ce3a72d1fcd941f0e24a6780eaf15aa33a (diff)
download: ikiwiki-90923561734f17ad777237bed5e7b40e682344eb.tar
ikiwiki-90923561734f17ad777237bed5e7b40e682344eb.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn
index c7a6fcd69..48d82db89 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -46,7 +46,9 @@ this wiki, BTW.
 
 Anyone with svn commit access can forge "web commit from foo" and make it appear on [[RecentChanges]] like foo committed. One way to avoid this would be to limit web commits to those done by a certian user.
 
-It's actually possible to force a whole series of svn commits to appear to have come just before yours, by forging svn log output. This could be guarded against somewhat by revision number scanning, since the forged revisions would duplicate the numbers of unforged ones. Or subversion could fix svn log to indent commit messages, which would make such forgery impossible..
+It's actually possible to force a whole series of svn commits to appear to
+have come just before yours, by forging svn log output. This could be
+guarded against by using svn log --xml.
 
 ikiwiki escapes any html in svn commit logs to prevent other mischief.
author	joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>	2006-03-26 02:30:44 +0000
committer	joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>	2006-03-26 02:30:44 +0000
commit	90923561734f17ad777237bed5e7b40e682344eb (patch)
tree	8d1ef394472f0e36f167dc5683c6d368b2cb61d2 /doc/security.mdwn
parent	3903c2ce3a72d1fcd941f0e24a6780eaf15aa33a (diff)
download	ikiwiki-90923561734f17ad777237bed5e7b40e682344eb.tar ikiwiki-90923561734f17ad777237bed5e7b40e682344eb.tar.gz