Security

Security is an often-overlooked feature of web-based applications. As a result, many web-based applications have large security holes that even the most incompetent hacker can exploit, causing a great deal of damage and annoyance.

Considerable care has been taken to ensure that, given the available programming tools, the default installation of FUDforum 2.3 is designed to offer the greatest possible security. It would be very difficult, if not impossible, for a curious user or even a hacker to access your sensitive data.

To achieve this level of security, FUDforum 2.3 by default stores its files with the most restrictive permissions possible (0600 for files and 0700 for directories), which allow only the user account under which the web server is running to access FUDforum's files.

Note

On servers that are configured to appropriately switch users for each virtual host (like Apache 2.x), your forum files will be even more secure because they will be accessible by you alone.
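
The 0600/0700 defaults and the single-owner arrangement described above can be verified on an installed forum. The following audit script is an added example, not part of FUDforum; the function name, its parameters, and the directory passed to it are assumptions supplied for illustration.

```python
import os
import stat
import sys

# Defaults stated on this page: 0600 for files, 0700 for directories.
FILE_MODE = 0o600
DIR_MODE = 0o700


def audit_tree(root, expected_uid=None):
    """Return (path, problem) pairs for entries looser than the defaults.

    root is the forum directory to check (supplied by the caller);
    expected_uid defaults to the owner of root. Both names are
    illustrative and not part of FUDforum.
    """
    findings = []
    if expected_uid is None:
        expected_uid = os.lstat(root).st_uid

    def check(path):
        st = os.lstat(path)  # lstat so a symlink is reported, not followed
        if stat.S_ISLNK(st.st_mode):
            findings.append((path, "symlink, target not checked"))
            return
        allowed = DIR_MODE if stat.S_ISDIR(st.st_mode) else FILE_MODE
        extra = stat.S_IMODE(st.st_mode) & ~allowed
        if extra:
            findings.append((path, "extra permission bits %04o" % extra))
        if st.st_uid != expected_uid:
            findings.append(
                (path, "owned by uid %d, expected %d" % (st.st_uid, expected_uid)))

    def unreadable(err):
        # os.walk skips directories it cannot list; record them instead.
        findings.append((err.filename, "cannot list directory"))

    check(root)
    for dirpath, dirnames, filenames in os.walk(root, onerror=unreadable):
        for name in dirnames + filenames:
            check(os.path.join(dirpath, name))
    return findings


if __name__ == "__main__":
    for path, problem in audit_tree(sys.argv[1]):
        print("%s: %s" % (path, problem))
```

An empty result means every file is at most 0600, every directory at most 0700, and everything belongs to one account.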

Although you may think that giving a web server ownership of the files is equivalent to allowing access to anyone, that is simply not the case. On a secure server, for example, the administrator should implement a PHP open_basedir limitation to restrict PHP scripts from accessing files in directories not owned by the current virtual host, thus preventing access through PHP to FUDforum's source code and data files.

On a properly configured server, any programs running within the CGI wrapper should not be able to access your files because (if a proper suid interface has been implemented by the server administrator) programs within the CGI wrapper should run as the user who executed them.

Consequently, given a well-configured server, the forum's data should be quite secure, even on a shared hosting platform.