[pmwiki-devel] encrypted pagestore?

Martin Fick mogulguy at yahoo.com
Sun Jan 6 13:06:46 CST 2008


--- christian.ridderstrom at gmail.com wrote:
> I think there's also a threat situation where
> non-root users on the server 
> can read files in wiki.d/, e.g. 'apache'.  In this
> case, having the files 
> encrypted could help, although key management is
> still a problem.

Sure, but I would just classify that as the same
threat (or maybe less of) as #2:

2) who can sniff your ftp password and therefor even
access the files once they are on the server (sounds
like yes also?)

A local use might be even less of a threat than
someone who has your ftp password.  The local user can
likely only see files that you give world readable
permissions to, the ftp user can see everything you
can see.

-Martin



      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 




More information about the pmwiki-devel mailing list