> information can't leak in principle, but root scores are dangerous, which > is why open-access venti servers are problematic - if such a score > *does* happen to leak, then unconditional access to all your data has > also leaked.
what prevents using a non-root score in a similar fashion? - erik
