[pmwiki-devel] encrypted pagestore?
christian.ridderstrom at gmail.com
christian.ridderstrom at gmail.com
Sun Jan 6 05:29:49 CST 2008
On Sat, 5 Jan 2008, Martin Fick wrote:
> 3) who has root access on the server (i.e. godaddy sysadmins?)
>
> -If you are concerned with all three of these threats then you are
> probably SOL since a root user can always access memory to view the
> decrypted content of the files when they are being decrypted for on the
> fly viewing.
I think there's also a threat situation where non-root users on the server
can read files in wiki.d/, e.g. 'apache'. In this case, having the files
encrypted could help, although key management is still a problem.
/Christian
--
Christian Ridderström, +46-8-768 39 44 http://www.md.kth.se/~chr
More information about the pmwiki-devel
mailing list