Return-Path: <marten@marten.rgoc.rug.nl>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id BE884431FAE
	for <notmuch@notmuchmail.org>; Wed,  3 Feb 2010 09:14:43 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -0.852
X-Spam-Level: 
X-Spam-Status: No, score=-0.852 tagged_above=-999 required=5
	tests=[AWL=-0.853, BAYES_50=0.001] autolearn=unavailable
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id xlChG0Zj6ViV for <notmuch@notmuchmail.org>;
	Wed,  3 Feb 2010 09:14:43 -0800 (PST)
Received: from smtp9.rug.nl (smtp9.rug.nl [129.125.60.9])
	by olra.theworths.org (Postfix) with ESMTP id 5DCAC431FBD
	for <notmuch@notmuchmail.org>; Wed,  3 Feb 2010 09:14:43 -0800 (PST)
Received: from marten (f5selfip-4-60.service.rug.nl [129.125.60.248])
	by smtp9.rug.nl (8.14.3/8.14.3) with ESMTP id o13HEfB3009739;
	Wed, 3 Feb 2010 18:14:41 +0100
Received: by marten (Postfix, from userid 1000)
	id 37E002AE2BA; Wed,  3 Feb 2010 18:14:27 +0100 (CET)
From: Marten Veldthuis <marten@veldthuis.com>
To: Carl Worth <cworth@cworth.org>, notmuch@notmuchmail.org
In-Reply-To: <87r5p2p8pe.fsf@yoom.home.cworth.org>
References: <87sk9ipxtz.fsf@yoom.home.cworth.org>
	<87k4uu2xho.fsf@marten.rgoc.rug.nl>
	<87r5p2p8pe.fsf@yoom.home.cworth.org>
Date: Wed, 03 Feb 2010 18:14:27 +0100
Message-ID: <871vh2utqk.fsf@marten.rgoc.rug.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Virus-Scanned: clamav-milter 0.95.3 at smtp9
X-Virus-Status: Clean
Subject: Re: [notmuch] New wiki instance on the notmuchmail.org website
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2010 17:14:43 -0000

On Wed, 03 Feb 2010 08:47:41 -0800, Carl Worth <cworth@cworth.org> wrote:
> See this page for details (particularly the "security" and
> "infelicities" sections):
> 
> 	http://ikiwiki.info/tips/untrusted_git_push/

Ah. Probably this section:

  So, unless you have the attachment plugin turned on, non-page files
  cannot be added. And if it's turned on, whatever allowed_attachments
  checks you have configured will also check files pushed into git.

since I was trying to add some screenshots of the Emacs interface. It
makes perfect sense not to enable this plugin though, given the security
implications (people could potentially upload mp3's as png's etc).

Let me know if I should send you the commit off-list or if you don't
mind enabling the attachment plugin for eg common image filetypes.

-- 
- Marten