dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
84c39bf
)
security concerns
author
Tim Starling
<tstarling@users.mediawiki.org>
Thu, 4 May 2006 06:12:47 +0000
(06:12 +0000)
committer
Tim Starling
<tstarling@users.mediawiki.org>
Thu, 4 May 2006 06:12:47 +0000
(06:12 +0000)
includes/cbt/README
patch
|
blob
|
history
diff --git
a/includes/cbt/README
b/includes/cbt/README
index
1f565e0
..
cffcef2
100644
(file)
--- a/
includes/cbt/README
+++ b/
includes/cbt/README
@@
-43,6
+43,10
@@
The problems I saw were:
* Syntax. The syntax is minimalistic and easy to parse, but can be quite ugly.
Will generations of MediaWiki users curse my name?
+* Security. The code produced by TemplateCompiler is best stored in memcached
+ and executed with eval(). This allows anyone with access to the memcached port
+ to run code as the apache user.
+
Template syntax
---------------