The point of the hash is that it doesn't matter who sees the data, right? username | passwordhash | ipaddress | permission adam | AALKJA2344AFDS | 10.1.1.1 | rwxrwxr-- jake | 45324AFSDAF3423 | 10.1.1.1 | rwxrwxr-- tyrone | AALKJFF323FSDAF | 10.1.1.1 | rwxrwxr--
All you can ever do is compare the username passwordhash combo to what's in the database. There's no way to find the password from this. What is important though, is to make sure that nobody (except where necessary) has insert/update access to the table. One thing I would not recommend doing (because I hate enums and sets), but would be helpful, is defining the acceptable Ip addresses in the column definition using enum. > -----Original Message----- > From: Lefevre, Steven [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 12, 2003 5:00 PM > To: [EMAIL PROTECTED] > Subject: Designing a secure database? > > > I'm working on a website/database deal, and right now I'm > designing the > security model. > > It's using LAMP(HP), so all the tricks are going to be through PHP. > > First off, this will be behind a firewall with SSL > encryption. We may also > setup some kind of VPN tunneling.I'll be ignoring other > security details > that don't apply to the problem at hand, but please feel free > to suggest. > > I'm going to have users enter a username and password, with > PHP emulating > the htaccess dialogue boxes. I would like to check the > entered values in a > permissions table. This table looks like: > > username | passwordhash | ipaddress | permission > > All users will have a static IP, so they have to match the > username-password-ipaddress combination. I'm storing the > passwords as an MD5 > hash in case someone breaks in and reads the table. > > So what MySQL user does PHP log onto as the database as, in > order to read > the permissions table? (After that, we just go with the logged user's > permission). If I make a special user that just has > permission to read the > permission table, do I have to store that user's password > plaintext in a php > script somewhere, thus adding a security risk if someone were > to get a hold > of that password? > > Steve > > > -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]