Hi, list. We are using mediawiki like a repository for a technical documentation about our IT infrastructure. We whant to store some passwords in mediawiki, for example, lyke mysql passwords. But page with passwords should be accessible only by administration group. Maybe somebody who knows tricks how we can realize this? Or maybe exists some plugins for mediawiki?
Hey,
Why would you want to store passwords in a wiki? They are not really something you collaboratively edit.
In any case, MediaWiki is not build with the idea of hiding content in mind, so I highly recommend against using it to store passwords.
Cheers
-- Jeroen De Dauw http://www.bn2vs.com Don't panic. Don't be evil. --
Thanks for your answer. We going to search other way to store our passwords.
On Fri, 11 Mar 2011 14:59:48 +0100 Jeroen De Dauw jeroendedauw@gmail.com wrote:
Hey,
Why would you want to store passwords in a wiki? They are not really something you collaboratively edit.
In any case, MediaWiki is not build with the idea of hiding content in mind, so I highly recommend against using it to store passwords.
Cheers
-- Jeroen De Dauw http://www.bn2vs.com Don't panic. Don't be evil. -- _______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
On 11 March 2011 14:15, Vitaly Liaschuk larinus@gmail.com wrote:
Thanks for your answer. We going to search other way to store our passwords.
What we do is have a file readable only by root stored in a particular place, known to the sysadmins, our boss and our boss's boss (the latter two not using it, but knowing that this is the "everyone hit by a bus" document). The file in question is referred to on the wiki as "password in the usual place." A suitable combination of actual security and a bit of obscurity ;-) The threat model is not a malicious intruder, but a well-meaning co-worker - the latter is ten times as damaging.
- d.
Hee hee. I just have to say that this reminds me of the old saying, "Hey, boss, how about I fix it! I've never worked on a transmission before...." ;)
----- Original Message -----
The threat model is not a malicious intruder, but a well-meaning co-worker
- the latter is ten times as damaging.
Or you can use a very simple method of putting the passwords inside a sealed envelope and in a not too obvious place known only to those who have to know.
If the envelope is opened (e.g. during your holiday) it's time to change the critical passwords.
Greetings Kate
Am 11.03.2011 14:54 schrieb Vitaly Liaschuk:
Hi, list. We are using mediawiki like a repository for a technicaldocumentation about our IT infrastructure. We whant to store some passwords in mediawiki, for example, lyke mysql passwords. But page with passwords should be accessible only by administration group. Maybe somebody who knows tricks how we can realize this? Or maybe exists some plugins for mediawiki?
mediawiki-l@lists.wikimedia.org