[Moin-user] will moin-moin be adapted to my needs? (corporate wiki)
Thomas Waldmann
tw at waldmann-edv.de
Thu Mar 3 08:22:25 EST 2005
> well designed, python, file upload support, simple, ACL's.
We try to make it even better in 1.4. :)
I see you have already got some answers concerning ACLs, so just my
additions:
> /Public/PublicDocument1 -> rw access for everybody
> /Public/PublicDocument2 -> rw access for everybody
As long as we don't have hierarchical ACLs or sub wikis, you don't have
an advantage by making such more or less "deep" structures - in
contrary, toplevel pages are linked easier...
> About security, I'd like to use the wiki to store
> some sensitive passwords (each of these "customers" have servers):
> how would you do that?
In any way, please don't put them on a public wiki as cleartext, not
even with ACL protection. :)
We try to avoid ACL bugs, but you know: shit happens...
And as long you do it via http:, wiki pages go as cleartext across the
net. On the file system, they are also stored as cleartext.
> I'm thinking about using
> a kind of "gpg" pad, and store only some blocks like
> "gqQXy5kJIlB4sGxJE+u0DbvPdX5U2mLFMxULL2kK0YIpOU734EywLi65XxHEKlXV
> sOOyskZs/BjIJmWoBsOMIujUMbMYlk4UoSSLyP8zJyuRwCob41zhed2CMG3CTLXE"
>
> To get the cleartext data, the user should than copy paste
> these line somewhere and give in the "secret" key (not stored on the
> wiki). Does it sound ok?
Idea sounds nice. If you could do some python code for making that easy
usable AND secure, I am sure that quite some people could use that.
Thomas
More information about the Moin-user
mailing list