Comment 6 for bug 1228364

Elizabeth K. Joseph (lyz) wrote :

The current issue here is that the cgit mechanism for rendering .rst (and other) README files allows Apache to run straight bash conversion commands on the files and serves them without any type of sanitization.

All the README files are reviewed, so it may not be a serious issue, but it does seem a little scary that we have our webserver doing this - and SELinux agrees.