Re: [PHP] How to protect MySQL password
All these solutions depend (mainly) on having a dedicated server, which I believe would not be the case for 90% of the users on here (don't shoot me if I'm wrong). So far, I can't see how the problem can be solved. My host does not allow telnet/ssh at all, which sounds like a good thing! I can put the password file outside the public html, but from what I've read in this thread, it looks like other users on a virtual server might be able to gain access to that file using PHP or another program to read through the hard disk hierarchy. Then there was a suggestion that everything could be wrapped in a PHP-CGI thing, but I don't have PHP as a CGI on my server.

What we really need is an expert here to give us the low-down on the best way to accomplish the best security given regular tools.

What about encryption?

Justin French

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] How to protect MySQL password
On Tuesday 23 October 2001 23:33, Kurt Lieber wrote:
> Sorry -- but you're wrong. If you've got php loaded as an apache module in a shared hosting environment, then any file that apache can read, I can gain access to through a simple FTP account and a well-constructed php file using fopen(). Doesn't matter if that file

Only if the host has safe_mode disabled or badly misconfigured.

- safe_mode, open_basedir in the config section of the manual

-- 
Christian Reiniger
LGDC Webmaster (http://lgdc.sunsite.dk/)

Very funny, Scotty! Now beam up my clothes...
Re: [PHP] How to protect MySQL password
On Wednesday 24 October 2001 00:30, you wrote:
> What we really need is an expert here to give us the low-down on the best way to accomplish the best security given regular tools.

There isn't a way to solve it within the constraints you've mentioned (shared server at a hosting provider, apache, php-as-a-module). If apache has read access on a file, which it has to have in order to serve it, someone else can get to that file via a PHP/Perl/C/whatever script/program. Yes, you can use a server that has php safe_mode enabled, but that doesn't mean your scripts are safe -- it just means they're safe from being exploited by other php scripts.

So, the only way to secure your PHP scripts from prying eyes (in a shared environment) is to upload them with group/world read permissions removed (i.e. chmod 700 or 600). But then Apache can't read that file either. That's where php-cgiwrap comes into play, as it acts as an interface between apache and your chmodded 600 file.

Basically, if you're on a shared server, you're either going to be buddies with your fellow users and trust them, or you're going to use something like php-cgiwrap which allows you to remove group/world read permissions and still let apache read the file.

And, if security is *that* important to you, then you can, of course, use a dedicated server. Then you don't have to worry about other users.

--kurt
Re: [PHP] How to protect MySQL password
On Wednesday 24 October 2001 16:42, Kurt Lieber wrote:
> On Wednesday 24 October 2001 00:30, you wrote:
> > What we really need is an expert here to give us the low-down on the best way to accomplish the best security given regular tools.
>
> There isn't a way to solve it within the constraints you've mentioned (shared server at a hosting provider, apache, php-as-a-module). If apache has read access on a file, which it has to have in order to serve it, someone else can get to that file via a PHP/Perl/C/whatever script/program. Yes, you can use a server that has php safe_mode enabled, but that doesn't mean your scripts are safe -- it just means they're safe from being exploited by other php scripts.

If open_basedir is set properly for each user (and safe_mode is on), they can't reach each other's files, at least from php. Of course, if one can write and run programs as apache's user in other languages (perl, c, whatever), this doesn't help much (unless they can be configured in a similar way).

> What about encryption?

I think the encryption just makes someone's (who wants to steal something) work a little harder. In order to use the encrypted data, you have to decrypt it in php, so your code will contain the encryption/decryption algorithm and the keys that are used.

Arpi
RE: [PHP] How to protect MySQL password
Move it outside the document root or put a .htaccess file inside the dir to deny access. This will still allow system access but will prevent other fopen.

M:

> In a PHP application using MySQL I have to connect to the database using
>
>     $iDBhandle = mysql_connect( $sDBhost, $sDBuser, $sDBpsw );
>
> Problem is, that I cannot see any solution to protect the value of $sDBpsw. Of course I won't set the value of $sDBpsw in the same PHP script. I do that by including a file pa/pa.php (protected area), but this file also has to have read access for all users and could be read with fopen( URL, r ).
Re: [PHP] How to protect MySQL password
On Tuesday 23 October 2001 11:13, Andy wrote:
> Problem is, that I cannot see any solution to protect the value of $sDBpsw. Of course I won't set the value of $sDBpsw in the same PHP script. I do that by including a file pa/pa.php (protected area), but this file also has to have read access for all users and could be read with fopen( URL, r ).

You need to use a program such as php-cgiwrap to wrap the script so it can be called using your user credentials. Then, you can chmod the file to 700 and it will be protected.

Downside: you have to use the cgi version of PHP, rather than the apache module.

--kurt
Re: [PHP] How to protect MySQL password
On Tuesday 23 October 2001 11:20, Matt Williams wrote:
> Move it outside the document root or put a .htaccess file inside the dir to deny access. This will still allow system access but will prevent other fopen.

Either solution still allows anyone with shell access to the machine to read your password. Not an ideal solution for shared hosting environments, but if you're running your own server, it's a great solution.
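An added audit script (not from the thread or any of its posters) that checks the two pieces of advice discussed above and Kurt's chmod 600/700 point: it walks a hosting account and flags files that look like they hold the MySQL password and are either group/world readable or sit under the document root without a .htaccess beside them. The sample tree it builds is constructed; only the `$sDBpsw` variable and the `pa/pa.php` path are taken from Andy's question.

```python
import os
import re
import stat
import tempfile

# Lines that look like a DB password assignment or a mysql_connect() call
# (the $sDBpsw / mysql_connect() pattern from the original question).
CRED_RE = re.compile(r'\$\w*(psw|pass|passwd|password)\w*\s*=|mysql_connect\s*\(', re.I)


def audit_credential_files(root, docroot):
    """Return sorted (relative path, [reasons]) for PHP/INI files under `root`
    that contain credential-looking code and are exposed: readable by group or
    others, or located under `docroot` with no .htaccess in the same dir."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(('.php', '.inc', '.ini')):
                continue
            path = os.path.join(dirpath, name)
            with open(path, errors='replace') as fh:
                if not CRED_RE.search(fh.read()):
                    continue
            reasons = []
            mode = os.stat(path).st_mode
            if mode & (stat.S_IRGRP | stat.S_IROTH):
                reasons.append('group/world readable (%o)' % stat.S_IMODE(mode))
            inside_docroot = os.path.commonpath([path, docroot]) == docroot
            if inside_docroot and not os.path.exists(os.path.join(dirpath, '.htaccess')):
                reasons.append('inside document root with no .htaccess')
            if reasons:
                findings.append((os.path.relpath(path, root), reasons))
    return sorted(findings)


def _write(path, text, mode):
    with open(path, 'w') as fh:
        fh.write(text)
    os.chmod(path, mode)  # set explicitly so the umask does not interfere


def run_sample():
    """Constructed sample account (hypothetical layout): one exposed include,
    one include moved outside docroot and chmod 600, one file with no secret."""
    root = tempfile.mkdtemp()
    docroot = os.path.join(root, 'public_html')
    os.makedirs(os.path.join(docroot, 'pa'))
    os.makedirs(os.path.join(root, 'private'))
    cred = '<?php $sDBpsw = "example-not-a-real-password";\n'
    _write(os.path.join(docroot, 'pa', 'pa.php'), cred, 0o644)     # flagged twice
    _write(os.path.join(root, 'private', 'db.php'), cred, 0o600)   # clean
    _write(os.path.join(docroot, 'index.php'), '<?php require "../private/db.php";', 0o644)
    return audit_credential_files(root, docroot)
```

Run `run_sample()` to see the single finding for `public_html/pa/pa.php`; point `audit_credential_files()` at a real account and its DocumentRoot to audit it.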
Re: [PHP] How to protect MySQL password
I use proftpd. I can set up a chroot for the user that logs in, chroot them to their vhosts dir, and move the mysql passwd file out of that dir. Now anyone that ftp's in cannot read the passwd. As for telnet (shell) access, it's rare a user needs that anyhow; if you feel your customers do need that, well, it's your choice to offer them the security risk or not. I just tell our customers, sorry, nope, too big of a security risk. I have yet to have one complain so badly they switch hosting services.

-- 
Chris Lee
[EMAIL PROTECTED]

Kurt Lieber [EMAIL PROTECTED] wrote in message news:0110231140330C.23909@z8...
> On Tuesday 23 October 2001 11:20, Matt Williams wrote:
> > Move it outside the document root or put a .htaccess file inside the dir to deny access. This will still allow system access but will prevent other fopen.
>
> Either solution still allows anyone with shell access to the machine to read your password. Not an ideal solution for shared hosting environments, but if you're running your own server, it's a great solution.
RE: [PHP] How to protect MySQL password
One solution is to depend upon your defaults in /usr/local/lib/php.ini. Then just call mysql_connect() with no arguments, or just call mysql_db_query() without the connection parameter, and PHP will connect for you. If you are connecting to different MySQL servers this solution is not appropriate.

    mysql.default_host = localhost
    mysql.default_user = MySQLUsername
    mysql.default_password = MySQLPassword
Re: [PHP] How to protect MySQL password
On Tuesday 23 October 2001 12:29, Chris Lee wrote:
> I use proftpd. I can set up a chroot for the user that logs in, chroot them to their vhosts dir, and move the mysql passwd file out of that dir. Now anyone that ftp's in cannot read the passwd. As for telnet (shell) access, it's rare a user needs that anyhow; if you feel your customers do need that, well, it's your choice to offer them the security risk or not. I just tell our customers, sorry, nope, too big of a security risk. I have yet to have one complain so badly they switch hosting services.

Sorry -- but you're wrong. If you've got php loaded as an apache module in a shared hosting environment, then any file that apache can read, I can gain access to through a simple FTP account and a well-constructed php file using fopen(). Doesn't matter if that file resides within my vhosts dir or not. I may have to guess at the path a bit, but that's fairly trivial.

The only way to protect a file in a shared hosting environment is to use something similar to php-cgiwrap which allows you to chmod the file to remove group/world read access. (If someone knows of another way to do this using the apache php module, please let me (and my ISP) know.)

Regarding shell access being a security risk, ssh is far, far more secure than FTP can ever hope to be.

This is straying off-topic, so we should probably take further discussions offline. Feel free to email me directly if you have questions/disagreements.

--kurt
Re: [PHP] How to protect MySQL password
Kurt Lieber wrote:
> Regarding shell access being a security risk, ssh is far, far more secure than FTP can ever hope to be.

This is why there's FTP over SSH, or sftp.

-- 
W | I haven't lost my mind; it's backed up on tape somewhere.
  + Ashley M. Kirchner <mailto:[EMAIL PROTECTED]>   .   303.442.6410 x130
    IT Director / SysAdmin / WebSmith             .   800.441.3873 x130
    Photo Craft Laboratories, Inc.                .   3550 Arapahoe Ave. #6
    http://www.pcraft.com                         .   Boulder, CO 80303, U.S.A.