* Patch from Thomas Schwinge to switch from --svn to --rcs=svn, etc,

[ikiwiki.git] / doc / security.mdwn

diff --git a/doc/security.mdwn b/doc/security.mdwn
index 956351d709c4e321eb6e0436239868155b3ca73f..77552b1b2e2d2c3abe04d273200b23412b7f9219 100644 (file)
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -10,6 +10,8 @@ to be kept in mind.
 
 # Probable holes
 
 
 # Probable holes
 

+_(The list of things to fix.)_
+

 ## svn commit logs
 
 Anyone with svn commit access can forge "web commit from foo" and make it
 ## svn commit logs
 
 Anyone with svn commit access can forge "web commit from foo" and make it


@@ -60,7 +62,7 @@ this wiki, BTW.
 
 ## page locking can be bypassed via direct svn commits
 
 
 ## page locking can be bypassed via direct svn commits
 

-A [[lock]]ed page can only be edited on the web by an admin, but
+A locked page can only be edited on the web by an admin, but

 anyone who is allowed to commit direct to svn can bypass this. This is by
 design, although a subversion pre-commit hook could be used to prevent
 editing of locked pages when using subversion, if you really need to.
 anyone who is allowed to commit direct to svn can bypass this. This is by
 design, although a subversion pre-commit hook could be used to prevent
 editing of locked pages when using subversion, if you really need to.