[Pmwiki-users] Easily Hackable?
H. Fox
haganfox
Wed Mar 31 21:48:30 CST 2004
Do the client's wiki pages need to be publicly editable?
If not, how about having the public pages exist on a read-only version
of the wiki and the editable, read-write version behind a firewall
and/or in a password-protected directory on an SSL server?
You could use HTTP authentication by group and give people their
individual user passwords that way, correct? How to replicate is an
implementation detail -- maybe use rsync or even mirrordir. The point
is: it should be possible / practicable to have a read-only public
version and a read-write private version of the same site.
Another possibility: Could the same wiki.d directory somehow be
read-only for the public wiki and read-write for the password-protected
version?
Hagan
Greg Morgan wrote:
> KC Patrick wrote:
>
>> I had a non-profit client reject my proposal for implementing a wiki
>> because they heard wikis are "hackable" and are concerned because an
>> affiliate had porn and other stuff put onto their site.
>>
>> So, besides "the usual lecture" about security (in the documentation),
>> what are the experiences of more learn-ed PmWiki-ers here on security
>> issues and what should I communicate to future clients about security
>> and PmWiki?
>>
>> Thanks,
>>
>> kcpatrick
>
>
> Well... unless you put a write password on all the pages Wikis are
> pretty insecure, in that anyone can edit them. So if your client is
> looking to create a publicly viewable page that can only be edited by
> their staff, then a wiki might not be the way to go. Unless you use a
> Wiki that has user based authentication that's going to be an
> unavoidable problem.
> PmWiki has per-group and per-page passwords that can be set, but that
> has three big drawbacks.
>
> 1. If the admin decides to change the password to a group or page, he
> has to distribute that password to everyone who needs it.
> 2. Passwords are sent to the server in plaintext. This could be
> helped somewhat if https were used in posting the authentication
> form. But as it stands now, even if passwords are used they're
> pretty easy to sniff. (note: this is something that isn't a wiki
> specific problem and could be pretty easily fixed)
> 3. There's no relation between the password used and the Author of a
> given page. (i.e. It would be pretty easy to make a change to a
> page and for the Author put in your name or Pm's. Unless you were
> familiar with what IP address Pm posts from, you wouldn't be able
> to tell)
>
> So to make PmWiki more secure we need user based authentication,
> preferably with the option to have the login form post using HTTPS.
>
>
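One way to do the replication Hagan describes, as an added example that is not part of the thread or of PmWiki itself: build a read-only snapshot of the private, password-protected instance's wiki.d/ and swap it into the public instance with a single rename, so the public server never serves a half-copied tree and cannot write pages even if it is compromised. It assumes the paths are placeholders, that wiki.d is a flat directory of page files, and that dotfiles there are lock or temp files belonging to the running private instance.

```shell
#!/bin/sh
# Added example (not from the thread): publish a read-only snapshot of the
# private wiki's wiki.d/ into the public, read-only instance.
# Assumptions: SRC/DST are placeholder paths; wiki.d is flat (one file per
# page); dotfiles in it are lock/temp files of the private instance.
set -eu

# mirror_wiki SRC DST
# Copies pages into a sibling staging directory, strips every write bit so
# the public web server user cannot modify or add pages, then swaps the
# snapshot into place with rename(2), which is atomic on a POSIX filesystem.
mirror_wiki() {
    src=$1
    dst=$2
    stage="$dst.new.$$"
    old="$dst.old.$$"

    rm -rf "$stage"
    mkdir -p "$stage"
    # Regular files only; the '*' glob skips dotfiles (lock/temp files).
    for f in "$src"/*; do
        [ -f "$f" ] || continue
        cp -p "$f" "$stage/"
    done
    # Read-only for owner, group and others, directory included, so no
    # page can be edited or created through the public instance.
    chmod -R a-w "$stage"

    # Swap: move the previous snapshot aside, rename the new one into place.
    if [ -d "$dst" ]; then
        mv "$dst" "$old"
    fi
    mv "$stage" "$dst"
    # The old snapshot is read-only; restore owner write so it can be removed.
    [ -d "$old" ] && { chmod -R u+w "$old"; rm -rf "$old"; }
    return 0
}

# check_readonly DIR: succeeds only if nothing under DIR has any write bit.
# Use it after each mirror run (or from cron) to verify the public copy.
check_readonly() {
    [ -z "$(find "$1" -perm -0200 -o -perm -0020 -o -perm -0002)" ]
}
```

Pages deleted on the private side disappear from the public side on the next run, since each snapshot is built from scratch; rsync with --delete would achieve the same with less copying on a large wiki.d.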