Fossil SCM
URL fix
Commit
56b13f2a3c7255a1200e7a66dce61f175fe7521447968094bd227e9ced1eece0
Parent
e3e4bec36092f91…
1 file changed
+2
-1
+2
-1
| --- www/caps/admin-v-setup.md | ||
| +++ www/caps/admin-v-setup.md | ||
| @@ -353,11 +353,11 @@ | ||
| 353 | 353 | * **Tickets**: This section allows input of aribtrary TH1 code that |
| 354 | 354 | runs on the server, affecting the way the Fossil ticketing system |
| 355 | 355 | works. The justification in the **TH1** section below therefore |
| 356 | 356 | applies. |
| 357 | 357 | |
| 358 | -* **TH1**: The [TH1 language][TH1] is quite restricted relative to the | |
| 358 | +* **TH1**: The [TH1 language][th1] is quite restricted relative to the | |
| 359 | 359 | Tcl language it descends from, so this author does not believe there |
| 360 | 360 | is a way to damage the Fossil repository or its host via the Admin → |
| 361 | 361 | TH1 feature, which allows execution of arbitrary TH1 code within the |
| 362 | 362 | repository's execution context. Nevertheless, interpreters are a |
| 363 | 363 | well-known source of security problems, so it seems best to restrict |
| @@ -454,6 +454,7 @@ | ||
| 454 | 454 | [fui]: /help?cmd=ui |
| 455 | 455 | [lg]: ./login-groups.md |
| 456 | 456 | [rs]: https://www.fossil-scm.org/index.html/doc/trunk/www/settings.wiki |
| 457 | 457 | [sia]: https://fossil-scm.org/fossil/artifact?udc=1&ln=1259-1260&name=0fda31b6683c206a |
| 458 | 458 | [snoy]: https://fossil-scm.org/forum/forumpost/00e1c4ecff |
| 459 | +[th1]: ../th1.md | |
| 459 | 460 | [tt]: https://en.wikipedia.org/wiki/Tiger_team#Security |
| 460 | 461 |
| --- www/caps/admin-v-setup.md | |
| +++ www/caps/admin-v-setup.md | |
| @@ -353,11 +353,11 @@ | |
| 353 | * **Tickets**: This section allows input of aribtrary TH1 code that |
| 354 | runs on the server, affecting the way the Fossil ticketing system |
| 355 | works. The justification in the **TH1** section below therefore |
| 356 | applies. |
| 357 | |
| 358 | * **TH1**: The [TH1 language][TH1] is quite restricted relative to the |
| 359 | Tcl language it descends from, so this author does not believe there |
| 360 | is a way to damage the Fossil repository or its host via the Admin → |
| 361 | TH1 feature, which allows execution of arbitrary TH1 code within the |
| 362 | repository's execution context. Nevertheless, interpreters are a |
| 363 | well-known source of security problems, so it seems best to restrict |
| @@ -454,6 +454,7 @@ | |
| 454 | [fui]: /help?cmd=ui |
| 455 | [lg]: ./login-groups.md |
| 456 | [rs]: https://www.fossil-scm.org/index.html/doc/trunk/www/settings.wiki |
| 457 | [sia]: https://fossil-scm.org/fossil/artifact?udc=1&ln=1259-1260&name=0fda31b6683c206a |
| 458 | [snoy]: https://fossil-scm.org/forum/forumpost/00e1c4ecff |
| 459 | [tt]: https://en.wikipedia.org/wiki/Tiger_team#Security |
| 460 |
| --- www/caps/admin-v-setup.md | |
| +++ www/caps/admin-v-setup.md | |
| @@ -353,11 +353,11 @@ | |
| 353 | * **Tickets**: This section allows input of aribtrary TH1 code that |
| 354 | runs on the server, affecting the way the Fossil ticketing system |
| 355 | works. The justification in the **TH1** section below therefore |
| 356 | applies. |
| 357 | |
| 358 | * **TH1**: The [TH1 language][th1] is quite restricted relative to the |
| 359 | Tcl language it descends from, so this author does not believe there |
| 360 | is a way to damage the Fossil repository or its host via the Admin → |
| 361 | TH1 feature, which allows execution of arbitrary TH1 code within the |
| 362 | repository's execution context. Nevertheless, interpreters are a |
| 363 | well-known source of security problems, so it seems best to restrict |
| @@ -454,6 +454,7 @@ | |
| 454 | [fui]: /help?cmd=ui |
| 455 | [lg]: ./login-groups.md |
| 456 | [rs]: https://www.fossil-scm.org/index.html/doc/trunk/www/settings.wiki |
| 457 | [sia]: https://fossil-scm.org/fossil/artifact?udc=1&ln=1259-1260&name=0fda31b6683c206a |
| 458 | [snoy]: https://fossil-scm.org/forum/forumpost/00e1c4ecff |
| 459 | [th1]: ../th1.md |
| 460 | [tt]: https://en.wikipedia.org/wiki/Tiger_team#Security |
| 461 |