DreamHost Security Issue
A possible security issue has been brought up in the forum at webhostingtalk.com. In some cases it might be possible for other customers on the same server to read files from your web directory and thereby get access to sensitive files including e.g. passwords. Dallas, one of the founders of DreamHost, explains that the issue is minor, and that it’s up to each customer to secure their files appropriately.
Even though DreamHost considers the issue to be minor, they have decided to change the default permissions on user directories. Accounts created within the last three weeks will already have the newer more restrictive permissions. Other accounts will be updated little by little to avoid any undesired side effects.
In case you’re concerned about this issue you can contact support to have the permissions changed immediately.
Hat tip: Greg
WordPress Security Issue
A pretty bad security exploit was included in WordPress 2.1.1. If you have this version installed you’re strongly encouraged to upgrade as soon as possible. If you’re unable to upgrade at the moment, the DreamHost Status Blog has a temporary solution.