blob: deb79a8db4061e8251dba3fa115271e9390c3c76 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
What directory is the 'working copy'? There can be two interpretations: the current dir and the .git dir.
> It is fairly common terminology amoung all version control systems to use
> "working copy" to refer to a checkout from version control, including
> copies of all the versioned files, and whatever VCS-specific cruft that
> entails. So, a working copy is everything you get when you `git clone`
> a repository. --[[Joey]]
-------------------
The page says *"Note that this file should **not** be put in your wiki's directory with the rest of the files."* Why is that?
One possible thing is security: Is it just a precaution or would anyone with "write" access to wiki be able to replace the file?
--[[Martian]]
> Anyone with the ability to delete/replace attachments via the web UI, or the ability
> to commit directly to the VCS, would be able to replace it. That breaks ikiwiki's
> security model, because replacing the setup file is sufficient to achieve
> arbitrary code execution as the user running the CGI and VCS hooks. --[[smcv]]
>> Thanks. After all found it here: [[security]]. Now I wonder if I always use a file from the master branch, while limiting users to staging, it might fly...
|