[pmwiki-devel] encrypted pagestore?

christian.ridderstrom at gmail.com christian.ridderstrom at gmail.com
Sun Jan 6 05:29:49 CST 2008


On Sat, 5 Jan 2008, Martin Fick wrote:

> 3) who has root access on the server (i.e. godaddy sysadmins?)
>
> -If you are concerned with all three of these threats then you are 
> probably SOL since a root user can always access memory to view the 
> decrypted content of the files when they are being decrypted for on the 
> fly viewing.

I think there's also a threat situation where non-root users on the server 
can read files in wiki.d/, e.g. 'apache'.  In this case, having the files 
encrypted could help, although key management is still a problem.

/Christian

-- 
Christian Ridderström, +46-8-768 39 44               http://www.md.kth.se/~chr


More information about the pmwiki-devel mailing list