Plugin: graphviz
Author: JoshTriplett
Included in ikiwiki: yes
Enabled by default: no
Included in goodstuff: no
Currently enabled: no
This plugin provides the graph directive. This directive allows embedding graphviz graphs in a page.
Security implications: graphviz does not seem to have any syntax exploitable to perform file access or shell commands on the server. However, the graphviz plugin does make denial of service attacks somewhat easier: any user with edit privileges can use this plugin to create large files without the need to send large amounts of data, allowing them to more quickly fill the disk, run the server out of memory, or use up large amounts of bandwidth. Any user can already do these things with just the core of ikiwiki, but the graphviz plugin allows for an amplification attack, since users can send less data to use large amounts of processing time and disk usage.
This plugin uses the Digest::SHA perl module.