Issues
======

Just a unsorted list of things to think about.

Stateless::
  uwiki requests/actions are stateless as in the server does never
  need to store any volatile state information.

Locking::
  we may need to add some short lived locks (_lock metatype) to
  prevent race conditions on concurrent requests.

Three Way merge::
  If a file is edited by 2 persons at the same time, the one who saves
  it last might yield a conflict and should send back to him for
  reediting/resolving the conflict. This can only be done if the
  request contains some identifier on which file version the file was
  originally based upon.

assert, logging::
  use assert() everywhere instead 'if log_level_func..' and override
  luas assert with a custom cgilua handler.


Lua with chroot and suexec::
  extend the lua toplevel (lua.c) to allow --chroot and --user
  options with the following semantics:
   * retain normal semantic if neither of the option is supplied and
     the program is not suid root.
   * if --chroot is given, the program must have the permissione to
     chroot else abort. check that the chroot dir exists.
   * if --user is given then the program must have permission to suid
     to the desire user, the user is picked from the root environment,
     not from the chroot environment.
   * if the program is suid root then refuse to --user root when the
     caller is not root.
   * if the program is suid root then check that the script must not
     be writeable by anyone else except root (or the destination
     user?)

chroot thoughts::
  prepare the chroot dir, but dont populate it, the admin shall
  install the distributution (or just binaries) of his choice there.
  Supply a script which removes all suid flags from binaries inside,
  since suid-root can break out of a chroot.