[pmwiki-devel] Rethinking ZAP permissions
Crisses
crisses at kinhost.org
Thu Nov 16 19:23:51 CST 2006
On Nov 16, 2006, at 10:10 AM, Rodney Morris wrote:
> The question I mentioned on your site (which may or may not have
> spurred on this line of thinking) was whether ZAP could write directly
> to a text file for storing logins and encrypted passwords. I'm trying
> to put my finger on exactly why, but the present method of storing
> login information on wiki pages seems to lack the security of storing
> it in a text file in a separate directory (particularly since the
> password stored by ZAP isn't encrypted). I was very happy when I
> learned that AuthUser allowed alternative storage methods.
Yes, I prefer the htaccess file format, or even better, using a
database myself. I don't need to store MOST data there, but user
logins seem like a good idea, as does any personal identifying
information about users that is not supposed to be public.
I'm hoping the dust around ZAP settles very soon. I'm going to need
it :)
Crisses
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-devel/attachments/20061116/19bba8d6/attachment.html
More information about the pmwiki-devel
mailing list