X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/5c8351541d8bcdb09a137aa7fe029ce10e5db057..ce81e2e286ed5435eb114de21be73cd02da8a666:/doc/todo/underlay.mdwn

diff --git a/doc/todo/underlay.mdwn b/doc/todo/underlay.mdwn
index 20266260f..9bcfea62b 100644
--- a/doc/todo/underlay.mdwn
+++ b/doc/todo/underlay.mdwn
@@ -2,14 +2,12 @@ Rather than copy the basewiki around everywhere, it should be configured to
 underlay the main srcdir, and pages be rendered from there if not in the
 srcdir. This would allow upgrades to add/edit pages in the basewiki.
 
-Impementaion will be slightly tricky since currently ikiwiki is hardcoded
+Implementaion will be slightly tricky since currently ikiwiki is hardcoded
 in many places to look in srcdir for pages. Also, there are possible
 security attacks in the vein of providing a file ikiwiki would normally
 skip in the srcdir, and tricking it to processing this file instead of the
-one from the underlaydir.
-
-There are also difficulties related to removing files from the srcdir, and
-exposing ones from the underlaydir. Will need to make sure that the mtime
-for the source file is zeroed when the page is removed, and that it then
-finds the underlay file and treats it as newer.
+one from the underlaydir. -- Fixed by scanning srcdir first, then
+underlaydir, and refusing to add any files from underlaydir if they also
+exist in the srcdir. However, see [[security]] for caveats.
 
+[[todo/done]]