"Jens Frank" jf@mormo.org wrote in message news:20071218061853.GA5859@mormo.org...
On Tue, Dec 18, 2007 at 01:29:15PM +0800,
jidanni@jidanni.org wrote:
Just how dangerous could a mysql dump be in the wrong hands? I suppose they couldn't extract all one's Users' passwords, only cookies?
Although passwords are not stored in cleartext, it would be possible to gather a lot of passwords using dictionary attacks.
Additionally, mysql dumps would contain email addresses and other private data.
And of course the full text of your wiki, which could contain confidential information (depending on what you use your wiki for).
- Mark Clements (HappyDog)