And because it is almost certainly going to be the next suggestion, disabling the part that lets it run shell scripts isn't enough to make it safe. Someone could still get into the wiki do whatever they want, and possibly install a javascript plugin in the wiki that, while it would only take effect after the server part is restarted, could do whatever they want it to do.
With proper authentication than you can avoid a lot of these problems, but I don't know of any authentication methods that I would trust enough to use like that. This is different than a normal server where you can use https and have signed certificates to help with the authentication and security. -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/tiddlywiki. To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/a3c84a6e-11d2-4698-adfa-2e527ad9692b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
