just make sure you restrict all access to your database to localhost or atleast the account for the wiki mysql user
if that is how you setup mysql you can tell people your sql password, it wont matter so long as noone but yourself has access to the system, simple.
dug wrote:
I've noticed that the admin password to the mySQL db is included in plain text in the LocalSettings.php file in my Wiki directory, which is set to 755, readable and executable by the world. Am I being paranoid, or is this a slightly insecure situation?
Can the password be encrypted, or is there some other security measure I should take?
TIA --doug
MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l