Hi lost admin My concern is the one contained in http://tiddlywiki.com/#Saving%20on%20TiddlySpot, since the store.php is the same process as Tiddlyspot.
Dave On Wed, Apr 26, 2017 at 9:08 AM, Lost Admin <[email protected]> wrote: > When you say the insecurity of the store.php approach worries you, what > exactly are you worried about? > > I agree there are security issues with store.php but I have seen far worse > issues in commercial applications. > > Personally, I was concerned that store.php uses cleartext passwords in > it's configuration file. So, I changed my copy to use a hash of the > password (for the technical minded, I used the hash format for Apache > Digest Authentication). > > Store.php has settings to override the tiddlywiki configured filename and > backup directory, I used those to prevent someone from uploading arbitrary > files. > > There is still an issue of brute force password guessing that I haven't > decided how I want to resolve yet. > > On Monday, April 24, 2017 at 4:16:48 PM UTC-4, David Gifford wrote: >> >> >> It does concern me, though, the level of insecurity of the store.php >> approach. So I will still eventually experiment more with Noteself. But to >> be honest I do need the ability to link between files and permalink to >> share with others. >> ... >> > Dave >> >> -- > You received this message because you are subscribed to a topic in the > Google Groups "TiddlyWiki" group. > To unsubscribe from this topic, visit https://groups.google.com/d/ > topic/tiddlywiki/OCUp73Bads0/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/tiddlywiki. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/tiddlywiki/15a32c0d-1bc9-4a0a-8dc4-1f0ba849f031%40googlegroups.com > <https://groups.google.com/d/msgid/tiddlywiki/15a32c0d-1bc9-4a0a-8dc4-1f0ba849f031%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- David Gifford Christian Reformed World Missions, Mexico City -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/tiddlywiki. To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/CANE%3DBFKQ4_UZQ7GdfvrzYRGkjfd4KzdWpOx_BmUttLu4zQuc-Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
