diff options
author | http://kerravonsen.dreamwidth.org/ <http://kerravonsen.dreamwidth.org/@web> | 2011-03-22 05:03:10 +0000 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2011-03-22 05:03:10 +0000 |
commit | d1285de53d37d8fa1f8e3076ce29cd4a59ec4dfb (patch) | |
tree | 4c51bf1e8eb0999de15417767c8d313b7475b9c3 | |
parent | 1bed7d438410e343d149c5a94054e15ee014f4ae (diff) |
response to response
-rw-r--r-- | doc/forum/Apache_XBitHack.mdwn | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/forum/Apache_XBitHack.mdwn b/doc/forum/Apache_XBitHack.mdwn index 5def2f817..63d33287e 100644 --- a/doc/forum/Apache_XBitHack.mdwn +++ b/doc/forum/Apache_XBitHack.mdwn @@ -13,3 +13,8 @@ I gather from the [[security]] page that having the executable bit set on files > would result in a html page that can be run as an executable. So an > option that makes all files rendered from mdwn or other markups > get the x bit set would be pretty safe even with untrusted editors. --[[Joey]] + +>> So how about this: if something has a page-type (i.e. mdwn or whatever authorized page types there are) +>> then add something at the end of the process (would that be the "changes" hook?) +>> which sets the x bit on the generated page file. Would that work? +>> --[[KathrynAndersen]] |