On Sat, 5 Jan 2008, Martin Fick wrote:
3) who has root access on the server (i.e. godaddy sysadmins?)-If you are concerned with all three of these threats then you are probably SOL since a root user can always access memory to view the decrypted content of the files when they are being decrypted for on the fly viewing.
I think there's also a threat situation where non-root users on the server can read files in wiki.d/, e.g. 'apache'. In this case, having the files encrypted could help, although key management is still a problem.
/Christian -- Christian Ridderström, +46-8-768 39 44 http://www.md.kth.se/~chr
_______________________________________________ pmwiki-devel mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-devel
