From 080a52977c9ca7964d075bb2e2388bdc006780ea Mon Sep 17 00:00:00 2001 From: "http://smcv.pseudorandom.co.uk/" Date: Fri, 21 Dec 2012 07:02:19 -0400 Subject: [PATCH] Added a comment --- ..._2d996f1124aedc10f345139c3d8b11df._comment | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 doc/forum/ikiwiki_and_big_files/comment_2_2d996f1124aedc10f345139c3d8b11df._comment diff --git a/doc/forum/ikiwiki_and_big_files/comment_2_2d996f1124aedc10f345139c3d8b11df._comment b/doc/forum/ikiwiki_and_big_files/comment_2_2d996f1124aedc10f345139c3d8b11df._comment new file mode 100644 index 000000000..6a11d9ae2 --- /dev/null +++ b/doc/forum/ikiwiki_and_big_files/comment_2_2d996f1124aedc10f345139c3d8b11df._comment @@ -0,0 +1,19 @@ +[[!comment format=mdwn + username="http://smcv.pseudorandom.co.uk/" + nickname="smcv" + subject="comment 2" + date="2012-12-21T11:02:19Z" + content=""" +Unfortunately, ikiwiki [[doesn't follow symlinks for security +reasons|security]] - if it did, anyone who can commit to the wiki +repository could publish any file readable by the user who runs ikiwiki, +including secrets like `~/.gnupg/secring.gpg` or +`~/.ssh/identity`. + +git-annex relies on symlinks, so that restriction breaks it. +It would be great to be able to use some restricted, safe subset +of symlinks (\"relative symlinks that point into `.git/annex`\" would +be enough to support git-annex), and I've looked into it in the past. +My [[plugins/contrib/album]] plugin would benefit from being able +to annex the actual photos, for instance. +"""]] -- 2.26.2