[Mediawiki-l] page protection through encryption?

Frederik Dohr fdg001 at gmx.net
Wed Aug 15 10:16:36 UTC 2007


Hello all,

As we know, one of the most commonly requested features is per-page 
protection / ACLs.
That's obviously problematic[1] because MW was never designed for this.

However, what if the respective wiki page's contents were en- and 
decrypted (e.g. with JavaScript[2])?

As far as I can tell, that would circumvent the most common problems 
(like transclusion workarounds).

(I just had this idea when looking at the TiddlerEncryptionPlugin[3] for 
TiddlyWiki[4] - so it might not be well thought through!?)

Any comments?


-- F.


[1] cf. 
http://www.mediawiki.org/wiki/Security_issues_with_authorization_extensions

[2] Relying on client-side functionality would be somewhat problematic, 
obviously - but not really a huge issue, especially if it only affects a 
few sensitive pages. Plus in corporate intranets, where per-page 
restrictions are probably needed most, there should be a pretty 
homogeneous environment, which makes it easy to ensure that JavaScript 
is available.

[3] http://tinyurl.com/23g65m
(http://remotely-helpful.com/TiddlyWiki/TiddlerEncryptionPlugin.html#TiddlerEncryptionPlugin)

[4] http://www.tiddlywiki.com



More information about the MediaWiki-l mailing list