I'ld disagree (surprise). Every little bit helps. A person snooping around where they shouldn't might not know how to decrypt stuff they find. It depends on what attacks you think are likely to occur against you.Stoker wrote:mandio, what will you be using it for and in what kind of environment? If you are having a shared account, and your scripts are world readable, your key is no safer than the data and there is no point in encrypting at all..
But, yes, if you're on a shared server, I'ld look to get off. I know various hosting services offer "virtual machines" in many cases this is a good enough compromise between shared/dedicated that will keep the other hostee out of your files.