Added|Changed(posts): Add dedicated security posts category and move posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html to posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html

Author: agnostic-apollo

_config.yml

@@ -48,6 +48,7 @@ collections:
 feed:
   categories:
     - general
+    - security
 
 show_excerpts: true # set to true to show excerpts on posts
 
@@ -102,6 +103,12 @@ defaults:
     values:
       category: packages
 
+  -
+    scope:
+      path: "_posts/*/security"
+    values:
+      category: security
+
 
 # Set page.lang for all posts files under respective languages and permalink with /en/:collection prefix
   -

_data/posts/t/cn/views.yml

@@ -3,7 +3,9 @@ index:
   apps: 应用
   general: 常规
   packages: 包
+  security: 安全
   apps_posts: 关于应用的文章
   general_posts: 常规文章
   packages_posts: 关于软件包的文章
+  security_posts: 安全类文章
   subscribe_to_rss_feed: 订阅RSS源

_data/posts/t/en/views.yml

@@ -3,7 +3,9 @@ index:
   apps: Apps
   general: General
   packages: Packages
+  security: Security
   apps_posts: Apps Posts
   general_posts: General Posts
   packages_posts: Packages Posts
+  security_posts: Security Posts
   subscribe_to_rss_feed: Subscribe to RSS feed

_data/sitemap.yml

@@ -2,4 +2,6 @@ excludes:
   - /redirects.json
   - /feed.xml
   - /general/2022/02/15/termux-apps-vulnerability-disclosures.html
+  - /en/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
+  - /cn/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
   - /apps/2022/02/25/termux-tasker-v0.6.0-release.html

_data/t/cn/views/navigation.yml

@@ -4,6 +4,7 @@ docs: 文档
 posts: 文章
 packages: 软件包
 donate: 捐赠
+security: 安全
 privacy_policy: 隐私政策
 
 # Footer

_layouts/posts/index.md

@@ -7,6 +7,7 @@ layout: page
 - [{%- include t.html root="posts" key="views.index.general" -%}](/{{- page.lang -}}/posts/general.html)
 - [{%- include t.html root="posts" key="views.index.apps" -%}](/{{- page.lang -}}/posts/apps.html)
 - [{%- include t.html root="posts" key="views.index.packages" -%}](/{{- page.lang -}}/posts/packages.html)
+- [{%- include t.html root="posts" key="views.index.security" -%}](/{{- page.lang -}}/posts/security.html)
 
 [{%- include t.html root="posts" key="views.index.subscribe_to_rss_feed" -%}](/feed.xml).
 

_posts/cn/apps/2022-02-25-termux-tasker-v0.6.0-release.md

@@ -5,7 +5,7 @@ page_ref: /posts/apps/2022/02/25/termux-tasker-v0.6.0-release.html
 
 `Termux:Tasker` `v0.6.0` 版本已经发布。
 
-**强烈建议您更新到 `v0.5.0` 或更高版本以修复 [Termux 应用程序漏洞披露](https://termux.github.io/general/2022/02/15/termux-apps-vulnerability-disclosures.html) 。**
+**强烈建议您更新到 `v0.5.0` 或更高版本以修复 [Termux 应用程序漏洞披露](https://termux.github.io/cn/posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html) 。**
 ##
 
 

…termux-apps-vulnerability-disclosures.md …termux-apps-vulnerability-disclosures.md_posts/cn/general/2022-02-15-termux-apps-vulnerability-disclosures.md renamed to _posts/cn/security/2022-02-15-termux-apps-vulnerability-disclosures.md _posts/cn/general/2022-02-15-termux-apps-vulnerability-disclosures.md renamed to _posts/cn/security/2022-02-15-termux-apps-vulnerability-disclosures.md

@@ -1,6 +1,8 @@
 ---
 title:  "Termux应用程序漏洞披露"
-page_ref: /posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
+redirect_from:
+    - /cn/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
+page_ref: /posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html
 ---
 
 这是 `termux-app`、`termux-tasker` 和 `termux-widget` 的漏洞报告。
@@ -86,11 +88,11 @@ context.sendBroadcast(intent);
 或者从任何一个应用程序，执行以下 Java 代码：
 
 ```java
-	Intent intent = new Intent();
-	intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
-	intent.setData(Uri.parse("/sdcard/exploit.sh"));
-	intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
-	startActivity(intent);
+    Intent intent = new Intent();
+    intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
+    intent.setData(Uri.parse("/sdcard/exploit.sh"));
+    intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
+    startActivity(intent);
 ```
 
 Termux 应用程序将会执行使用 `/data/data/com.termux/files/usr/bin/sh` 执行 `/sdcard/exploit.sh` 脚本，`/sdcard` 被挂载为 `noexec` 也没有问题。

_posts/en/apps/2022-02-25-termux-tasker-v0.6.0-release.md

@@ -6,7 +6,7 @@ page_ref: /posts/apps/2022/02/25/termux-tasker-v0.6.0-release.html
 
 The `Termux:Tasker` `v0.6.0` is out.
 
-**It is highly recommended that you update to `v0.5.0` or higher for fixes for vulnerabilities disclosed in the [Termux Apps Vulnerability Disclosures](https://termux.github.io/general/2022/02/15/termux-apps-vulnerability-disclosures.html) post.**
+**It is highly recommended that you update to `v0.5.0` or higher for fixes for vulnerabilities disclosed in the [Termux Apps Vulnerability Disclosures](https://termux.github.io/en/posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html) post.**
 ##
 
 

…termux-apps-vulnerability-disclosures.md …termux-apps-vulnerability-disclosures.md_posts/en/general/2022-02-15-termux-apps-vulnerability-disclosures.md renamed to _posts/en/security/2022-02-15-termux-apps-vulnerability-disclosures.md _posts/en/general/2022-02-15-termux-apps-vulnerability-disclosures.md renamed to _posts/en/security/2022-02-15-termux-apps-vulnerability-disclosures.md

@@ -1,7 +1,9 @@
 ---
 title:  "Termux Apps Vulnerability Disclosures"
-redirect_from: /general/2022/02/15/termux-apps-vulnerability-disclosures.html
-page_ref: /posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
+redirect_from:
+    - /general/2022/02/15/termux-apps-vulnerability-disclosures.html
+    - /en/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
+page_ref: /posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html
 ---
 
 This is a vulnerability report for `termux-app`, `termux-tasker` and `termux-widget`.
@@ -88,11 +90,11 @@ The `Termux:Widget` "security" worked by [generating a token](https://github.com
 Or use java from any app.
 
 ```java
-	Intent intent = new Intent();
-	intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
-	intent.setData(Uri.parse("/sdcard/exploit.sh"));
-	intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
-	startActivity(intent);
+    Intent intent = new Intent();
+    intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
+    intent.setData(Uri.parse("/sdcard/exploit.sh"));
+    intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
+    startActivity(intent);
 ```
 
 The termux app will run the `/sdcard/exploit.sh` script with `/data/data/com.termux/files/usr/bin/sh` and `/sdcard` being mounted as `noexec` would not be an issue.