Hi Tim,
----- Original Message -----
From: "Tim Hewitt" <[EMAIL PROTECTED]>
> It would be nice if mySQL supported some form of encrypted
> login where the username and password could be decrypted
> internally somehow.
Security through obscurity isn't REALLY safe. It just hides it a bit.
Anyone could still get to it, with a bit of effort.
> Perhaps a test on what directory the script is running from...
> I don't know, I'm reaching here. It just seems that between the lack
> of a unique username running Apache in a directory on a virtual
> server, and the common practice for usernames and passwords
> to be stored in plain text for use by scripting languages, a more
> systematic approach to securing access would be useful.
> Maybe I'm missing something else I could be doing here. Any ideas?
You can make PHP real picky by using safe_mode and other security
settings (see PHP manual). For example, when safe_mode is on, PHP checks
to see if the owner of the current script matches the owner of the file
to be operated on by a file function. In other words, with PHP's global
configuration set like that, other PHP users will not be able to even
read your files. Problem 100% solved.
I used to go the easy road and use a fairly generic config for PHP, with
register_globals and so on.... however, this is insecure both from the
inside as well as the outside. For instance, people will be able to feed
your scripts some extra global variables by simply putting them in the
URL! They could stumble upon one that you actually use but forget to
initialise. Now there's potential!
So, now I use safe_mode and a whole lot of other stringent settings. You
will need to rewrite your PHP code a bit, but it is good practise.
Regarding the example above: I also develop my code with all warnings on
(level 15), so PHP warns about using an uninitialised variable.
Below are some PHP configuration settings that you might want to use:
[snip]
; After this your current scripts won't run, that's for sure! ;-)
; You will need to start using $HTTP_POST_VARS[] instead of the
global vars, and possibly heaps more.
; But it's worth it!
; The settings are not only for security, but also to enforce some
good code design behaviour
; (which will indirectly be good for security, too!)
; If you use these settings and have a suggestion or other feedback,
; please e-mail [EMAIL PROTECTED] (Arjen Lentz).
asp_tags=Off
short_open_tag=Off
allow_url_fopen=Off
warn_plus_overloading=1
;doc_root =...
;open_basedir=...
ignore_user_abort =1
max_execution_time=60
display_errors=1 ; Set to 0 for production.
log_errors=1
error_log =<yourpath>/logs/phperror.log
error_reporting=15
html_errors=1
define_syslog_variables=Off
;variables_order="EGPCS"
magic_quotes_gpc=1
register_globals=Off
register_argc_argv=Off
safe_mode=1
disable_functions=readfile,system
enable_dl=Off
file_uploads=Off ; Enable if you actually use this.
post_max_size=32K
[snap]
Remember that websites are open to the world. There's always some
nutcase out there with too much time on their hands; and that's just the
harmless ones! If someone really wants to do damage, I wouldn't want to
make it too easy for them....
Right, and now back to our MySQL topic! ;-)
We'll be sure to include this kind of security information in our "Using
PHP with MySQL" courses that are being developed.
Regards,
Arjen.
--
MySQL Training Worldwide, http://www.mysql.com/training/
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Mr. Arjen G. Lentz <[EMAIL PROTECTED]>
/ /|_/ / // /\ \/ /_/ / /__ MySQL AB, Technical Writer
/_/ /_/\_, /___/\___\_\___/ Brisbane, QLD Australia
<___/ www.mysql.com
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
