When you say the insecurity of the store.php approach worries you, what 
exactly are you worried about?

I agree there are security issues with store.php but I have seen far worse 
issues in commercial applications.

Personally, I was concerned that store.php uses cleartext passwords in its 
configuration file. So, I changed my copy to use a hash of the password 
(for the technically minded, I used the hash format for Apache Digest 
Authentication).

Store.php has settings to override the TiddlyWiki-configured filename and 
backup directory; I used those to prevent someone from uploading arbitrary 
files.

There is still an issue of brute force password guessing that I haven't 
decided how I want to resolve yet.

On Monday, April 24, 2017 at 4:16:48 PM UTC-4, David Gifford wrote:
>
>
> It does concern me, though, the level of insecurity of the store.php 
> approach. So I will still eventually experiment more with Noteself. But to 
> be honest I do need the ability to link between files and permalink to 
> share with others.
> ... 
>
> Dave
>
>
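
The hashed-password change described in the message, sketched as an added example (not store.php's code and not the poster's patch): it checks a submitted password against an entry in Apache htdigest format, `user:realm:MD5(user:realm:password)`. The function names, realm, user and password are constructed for illustration.

```php
<?php
// Added illustration; every name and value here is hypothetical/constructed.
const SAMPLE_REALM = 'TiddlyWiki';

/** Build one htdigest-style line: user:realm:MD5(user:realm:password). */
function make_digest_entry(string $user, string $realm, string $password): string
{
    return $user . ':' . $realm . ':' . md5($user . ':' . $realm . ':' . $password);
}

/** Parse htdigest-style lines into [user => [realm, hash]], skipping malformed ones. */
function parse_digest_entries(string $text): array
{
    $entries = [];
    foreach (preg_split('/\R/', $text) as $line) {
        $parts = explode(':', trim($line), 3);
        if (count($parts) !== 3 || !preg_match('/^[0-9a-f]{32}$/', $parts[2])) {
            continue; // not user:realm:<32 hex chars>
        }
        $entries[$parts[0]] = ['realm' => $parts[1], 'hash' => $parts[2]];
    }
    return $entries;
}

/** Check a submitted password against the stored digest, never against cleartext. */
function verify_upload_password(array $entries, string $user, string $password): bool
{
    // Unknown users are compared against a dummy hash so both paths do the same work.
    $known = isset($entries[$user]);
    $entry = $known ? $entries[$user] : ['realm' => '', 'hash' => str_repeat('0', 32)];
    $candidate = md5($user . ':' . $entry['realm'] . ':' . $password);
    // hash_equals() compares in constant time, unlike == or strcmp().
    return hash_equals($entry['hash'], $candidate) && $known;
}

// Constructed sample configuration content holding one hashed entry.
$config  = make_digest_entry('wikiuser', SAMPLE_REALM, 'constructed-sample-password') . "\n";
$entries = parse_digest_entries($config);

var_dump(verify_upload_password($entries, 'wikiuser', 'constructed-sample-password'));
var_dump(verify_upload_password($entries, 'wikiuser', 'wrong-guess'));
var_dump(verify_upload_password($entries, 'nobody', 'constructed-sample-password'));
```

An htdigest hash is unsalted MD5, so the configuration file still needs to be unreadable to web clients.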
