Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Monday 28 February 2005 19:33, Simon Rees wrote: > You said in that post: "Set default MySQL user and password in your > virtual host container. Then connect to MySQL without specifying user > and password." > > Presumably the file which contains the virtual host directive is > readable by the process the webserver is running as - if not how does > this work? When Apache starts up it does so as root and thus has the necessary privileges to read those files. After it has read all its config files it drops root privileges and assumes which whichever user you have configured httpd to run as. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-db -- New Year Resolution: Ignore top posted posts -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Monday 28 February 2005 10:52, Jason Wong wrote: > > If you don't need the flexibility of the custom program and would rather > make use of existing infrastructure: > > http://marc.theaimsgroup.com/?l=php-general&m=110137778213700&w=2 You said in that post: "Set default MySQL user and password in your virtual host container. Then connect to MySQL without specifying user and password." Presumably the file which contains the virtual host directive is readable by the process the webserver is running as - if not how does this work? Therefore the technique you describe is no more secure than that described earlier of putting the passwords in a file outside the webserver root. The technique I described keeps you passwords secret even if an attacker has read access to files they shouldn't. A similar strategy is used for the shadow password file on Unix boxes. cheers Simon -- ~~ Simon Rees | [EMAIL PROTECTED] | ORA-03113: end-of-file on communication channel ~~ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Monday 28 February 2005 18:44, Simon Rees wrote: > On Sunday 27 February 2005 20:53, Micah Stevens wrote: > > I think about as safe as you can get is by putting the connection > > data out of the served directory, somewhere that's not directly > > accessable, and concentrate on system integrity. (security wise) > > A refinement of this technique is available on Unix boxes to which you > have root access. > Create a simple program that can read data about passwords etc. from a > file. Create a file that can be read by the program you've written with > the 'secrets' you want to keep secure in it. Make this file owned and > readable only by root. > Set the program owned by root, executable by everyone and suid. If you don't need the flexibility of the custom program and would rather make use of existing infrastructure: http://marc.theaimsgroup.com/?l=php-general&m=110137778213700&w=2 -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-db -- New Year Resolution: Ignore top posted posts -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Sunday 27 February 2005 20:53, Micah Stevens wrote: > I think about as safe as you can get is by putting the connection data > out of the served directory, somewhere that's not directly accessable, > and concentrate on system integrity. (security wise) A refinement of this technique is available on Unix boxes to which you have root access. Create a simple program that can read data about passwords etc. from a file. Create a file that can be read by the program you've written with the 'secrets' you want to keep secure in it. Make this file owned and readable only by root. Set the program owned by root, executable by everyone and suid. This will allow any user that can execute programs on the machine to obtain the password. Attackers who have just 'escaped' the web server root, say by taking advantage of a coding flaw, will not be able to read the password file. You can use groups to give finer grained access by making the program executable by a specific group only. However if an attacker has managed to obtain an account on your box they could probably just use a rootkit. In practice I use a simple c program (for speed) to read the password file and a system call in my php script to call the c program. A PHP program could be used for reading the password file but will need to be executed by a shebang rather than as a parameter to php. I can post further details if anyone is interested. cheers Simon -- ~~ Simon Rees | [EMAIL PROTECTED] | ORA-03113: end-of-file on communication channel ~~ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
> > The original question was concerning that if someone somehow had access to > the file which stored the connections details then they would be able to > use it to connect to the mysql server. Now if someone somehow had access > to your key then it's game over for you. Unless you password protected > your key which -- would be extremely impractical. > Well, considering that ultimate security is argueably impossible, one needs to ride a fine line between impractical and safe. You have a good point though, in that PHP has to have access to the private key in order to encrypt the information, and we're already assuming the the php script lives in an insecure environment, so in that case, it's no more secure than the original plaintext solution. The developer needs to set up a situation where the connection details are secured and only the php process can access them even if the php script itself is compromised. This is tough as if someone compromises the script contents itself, they could very likely have access to change it, and therefore have access to the php process as well. I think about as safe as you can get is by putting the connection data out of the served directory, somewhere that's not directly accessable, and concentrate on system integrity. (security wise) This of course was the suggestion of several others initially. -Micah -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Sunday 27 February 2005 07:11, Micah Stevens wrote: > Well, yes, but as my key is never transmitted from client to server, > it's safer. ;) > > I encrypt a connect request with my private key, which is can be > unencrypted by the public key, but the server knows it's me because > only the private key can make the encryption. The message is sent over > the network, but none of the tools to create it or read it are. The original question was concerning that if someone somehow had access to the file which stored the connections details then they would be able to use it to connect to the mysql server. Now if someone somehow had access to your key then it's game over for you. Unless you password protected your key which -- would be extremely impractical. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-db -- New Year Resolution: Ignore top posted posts -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
Well, yes, but as my key is never transmitted from client to server, it's safer. ;) I encrypt a connect request with my private key, which is can be unencrypted by the public key, but the server knows it's me because only the private key can make the encryption. The message is sent over the network, but none of the tools to create it or read it are. -Micah On Friday 25 February 2005 08:59 pm, Jason Wong wrote: > On Saturday 26 February 2005 04:16, Micah Stevens wrote: > > I was just thinking that a better way to do this is with a > > public/private key set. Then it would be secure, but as someone else > > mentioned, you'd have to patch the source to make it work. > > How would it be safer? Correct me if I'm wrong: if I have access to your > key then I can connect. > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.biz > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > -- > Search the list archives before you post > http://marc.theaimsgroup.com/?l=php-db > -- > New Year Resolution: Ignore top posted posts -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Saturday 26 February 2005 04:16, Micah Stevens wrote: > I was just thinking that a better way to do this is with a > public/private key set. Then it would be secure, but as someone else > mentioned, you'd have to patch the source to make it work. How would it be safer? Correct me if I'm wrong: if I have access to your key then I can connect. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-db -- New Year Resolution: Ignore top posted posts -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
You can't unhash MD5.. it's one way only. You could encrypt something and unencrypt it later, but it's not clear what advantage you would get out of what you're saying. Perhaps I don't understand, but if you have a separate connection file, why would you need to pass a password at all? -Micah On Friday 25 February 2005 09:11 am, Bob Sherer wrote: > You could programmatically build the connection string in the php > connection file, couldn't you? Have a line that sets a variable equal to > the MD5 hashed value. Then, build the connection string, applying a call > to a function that unhashes the password. That way, the password itself > never appears in code. > > I don't know a thing about unhashing MD5 encrypted strings. Sorry I can't > help you there. But, it sounds like you've already found that info. > > Good luck, > > Bob Sherer > > -Original Message- > From: Jon-Eirik Pettersen [mailto:[EMAIL PROTECTED] > Sent: Thursday, February 24, 2005 10:54 AM > To: Gael Lams > Cc: php-db@lists.php.net > Subject: Re: [PHP-DB] password in md5 to connect to mysql instead of > clear password > > On Thu, 24 Feb 2005 02:37:01 -0800 (PST), Gael Lams <[EMAIL PROTECTED]> wrote: > > Hi all > > > > I use the classic following rows to connect to a mysql > > database. I always put $passsword in clear in the php > > connection file and I wonder whether there is a way to > > have it in md5 so that someone reading the file could > > not use it to connect to the db. I googled a bit but > > find only threads explaining how to have password > > saved in md5 inside a mysql table which is not I would > > like to do > > Because MySQL is using another password-hashing-algoritm other than > MD5, as far as I know, it is not possible. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] password in md5 to connect to mysql instead of clear password
You could programmatically build the connection string in the php connection file, couldn't you? Have a line that sets a variable equal to the MD5 hashed value. Then, build the connection string, applying a call to a function that unhashes the password. That way, the password itself never appears in code. I don't know a thing about unhashing MD5 encrypted strings. Sorry I can't help you there. But, it sounds like you've already found that info. Good luck, Bob Sherer -Original Message- From: Jon-Eirik Pettersen [mailto:[EMAIL PROTECTED] Sent: Thursday, February 24, 2005 10:54 AM To: Gael Lams Cc: php-db@lists.php.net Subject: Re: [PHP-DB] password in md5 to connect to mysql instead of clear password On Thu, 24 Feb 2005 02:37:01 -0800 (PST), Gael Lams <[EMAIL PROTECTED]> wrote: > Hi all > > I use the classic following rows to connect to a mysql > database. I always put $passsword in clear in the php > connection file and I wonder whether there is a way to > have it in md5 so that someone reading the file could > not use it to connect to the db. I googled a bit but > find only threads explaining how to have password > saved in md5 inside a mysql table which is not I would > like to do Because MySQL is using another password-hashing-algoritm other than MD5, as far as I know, it is not possible. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
[never made it to list, no idea why - been 26 hours - resending.] [ may have been since it had reply-to field before to - funny...] Gael Lams wrote: Hi all I use the classic following rows to connect to a mysql database. I always put $passsword in clear in the php connection file and I wonder whether there is a way to have it in md5 so that someone reading the file could not use it to connect to the db. I googled a bit but find only threads explaining how to have password saved in md5 inside a mysql table which is not I would like to do [snip] No. Think about it - if your script is able to connect using this MD5 hash of the password - anyone who could read that script could similarly just connect using the MD5. Store your password in an included file outside of the webroot. Cheers, -- - Martin Norland, Sys Admin / Database / Web Developer, International Outreach x3257 The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
I was just thinking that a better way to do this is with a public/private key
set. Then it would be secure, but as someone else mentioned, you'd have to
patch the source to make it work.
-Micah
On Friday 25 February 2005 07:29 am, Robby Russell wrote:
> On Thu, 2005-02-24 at 02:37 -0800, Gael Lams wrote:
> > Hi all
> >
> > I use the classic following rows to connect to a mysql
> > database. I always put $passsword in clear in the php
> > connection file and I wonder whether there is a way to
> > have it in md5 so that someone reading the file could
> > not use it to connect to the db. I googled a bit but
> > find only threads explaining how to have password
> > saved in md5 inside a mysql table which is not I would
> > like to do
> >
> > Regards,
> >
> > Gal
> >
> > function SQLConnect()
> > {
> > $server_name = 'localhost';
> > $db_name = 'cmsdb';
> > $user_name = 'user';
> > $password = 'clearpassword';
> >
> > if (!$dbconnect =
> > mysql_connect($server_name, $user_name, $password))
> > {
> > echo "Connection failed to the
> > host 'localhost'.";
> > exit;
> > }
> > if (!mysql_select_db($db_name))
> > {
> > echo "Cannot connect to
> > database '.$db_name.'";
> > exit;
> > }
> > }
>
> You could probably do this if you managed to take the mysql source code
> and changed the login functions.
>
> ..but if someone can see your password in MD5 format..could they then
> not login with the same privileges as with your plain text?
>
> -Robby
>
> --
> /***
> * Robby Russell | Owner.Developer.Geek
> * PLANET ARGON | www.planetargon.com
> * Portland, OR | [EMAIL PROTECTED]
> * 503.351.4730 | blog.planetargon.com
> * PHP/PostgreSQL Hosting & Development
> * --- Now hosting Ruby on Rails Apps ---
> /
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Thu, 2005-02-24 at 02:37 -0800, Gael Lams wrote:
> Hi all
>
> I use the classic following rows to connect to a mysql
> database. I always put $passsword in clear in the php
> connection file and I wonder whether there is a way to
> have it in md5 so that someone reading the file could
> not use it to connect to the db. I googled a bit but
> find only threads explaining how to have password
> saved in md5 inside a mysql table which is not I would
> like to do
>
> Regards,
>
> Gal
>
> function SQLConnect()
> {
> $server_name = 'localhost';
> $db_name = 'cmsdb';
> $user_name = 'user';
> $password = 'clearpassword';
>
> if (!$dbconnect =
> mysql_connect($server_name, $user_name, $password))
> {
> echo "Connection failed to the
> host 'localhost'.";
> exit;
> }
> if (!mysql_select_db($db_name))
> {
> echo "Cannot connect to
> database '.$db_name.'";
> exit;
> }
> }
You could probably do this if you managed to take the mysql source code
and changed the login functions.
..but if someone can see your password in MD5 format..could they then
not login with the same privileges as with your plain text?
-Robby
--
/***
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON | www.planetargon.com
* Portland, OR | [EMAIL PROTECTED]
* 503.351.4730 | blog.planetargon.com
* PHP/PostgreSQL Hosting & Development
* --- Now hosting Ruby on Rails Apps ---
/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
Not answering your question but I'd put the connect info into a separate
include file. This should then be placed in a directory that can be
accessed by the Web Server but not by any other user (except root). Then
when you need to establish a connection you just need to include the file.
graeme.
Gael Lams wrote:
Hi all
I use the classic following rows to connect to a mysql
database. I always put $passsword in clear in the php
connection file and I wonder whether there is a way to
have it in md5 so that someone reading the file could
not use it to connect to the db. I googled a bit but
find only threads explaining how to have password
saved in md5 inside a mysql table which is not I would
like to do
Regards,
Gaël
function SQLConnect()
{
$server_name = 'localhost';
$db_name = 'cmsdb';
$user_name = 'user';
$password = 'clearpassword';
if (!$dbconnect =
mysql_connect($server_name, $user_name, $password))
{
echo "Connection failed to the
host 'localhost'.";
exit;
}
if (!mysql_select_db($db_name))
{
echo "Cannot connect to
database '.$db_name.'";
exit;
}
}
__
Do you Yahoo!?
Yahoo! Mail - Easier than ever with enhanced search. Learn more.
http://info.mail.yahoo.com/mail_250
--
Experience is a good teacher, but she sends in terrific bills.
Minna Antrim
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
Nope, the login function uses cleartext. Put your connect function in a
seperate file in a secure directory, and include() it to make the connection.
That seems to be the way to do it, someone else may have a better idea.
-Micah
On Thursday 24 February 2005 02:37 am, Gael Lams wrote:
> Hi all
>
> I use the classic following rows to connect to a mysql
> database. I always put $passsword in clear in the php
> connection file and I wonder whether there is a way to
> have it in md5 so that someone reading the file could
> not use it to connect to the db. I googled a bit but
> find only threads explaining how to have password
> saved in md5 inside a mysql table which is not I would
> like to do
>
> Regards,
>
> Gaël
>
> function SQLConnect()
> {
> $server_name = 'localhost';
> $db_name = 'cmsdb';
> $user_name = 'user';
> $password = 'clearpassword';
>
> if (!$dbconnect =
> mysql_connect($server_name, $user_name, $password))
> {
> echo "Connection failed to the
> host 'localhost'.";
> exit;
> }
> if (!mysql_select_db($db_name))
> {
> echo "Cannot connect to
> database '.$db_name.'";
> exit;
> }
> }
>
>
>
> __
> Do you Yahoo!?
> Yahoo! Mail - Easier than ever with enhanced search. Learn more.
> http://info.mail.yahoo.com/mail_250
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
Gael Lams wrote: Hi all I use the classic following rows to connect to a mysql database. I always put $passsword in clear in the php connection file and I wonder whether there is a way to have it in md5 so that someone reading the file could not use it to connect to the db. I googled a bit but find only threads explaining how to have password saved in md5 inside a mysql table which is not I would like to do [snip] No. Think about it - if your script is able to connect using this MD5 hash of the password - anyone who could read that script could similarly just connect using the MD5. Store your password in an included file outside of the webroot. Cheers, -- - Martin Norland, Sys Admin / Database / Web Developer, International Outreach x3257 The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] password in md5 to connect to mysql instead of clear password
On Thu, 24 Feb 2005 02:37:01 -0800 (PST), Gael Lams <[EMAIL PROTECTED]> wrote: > Hi all > > I use the classic following rows to connect to a mysql > database. I always put $passsword in clear in the php > connection file and I wonder whether there is a way to > have it in md5 so that someone reading the file could > not use it to connect to the db. I googled a bit but > find only threads explaining how to have password > saved in md5 inside a mysql table which is not I would > like to do Because MySQL is using another password-hashing-algoritm other than MD5, as far as I know, it is not possible. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
