--- Octavian Rasnita <[EMAIL PROTECTED]> wrote:
> I have also read that pdf document and I have found another
> interesting advice.
> 
> The author says that a good way of hiding the username/password
> is to put a file that exports 2 environment variables in a directory
> that can be read only by the root, then include a call to that file in
> httpd.conf in order to let the web server to have access to those
> variables.

I can't take credit for thinking of this approach. This comes from David
Sklar and Adam Trachtenberg, authors of PHP Cookbook (and others).

> Well, I don't really understand why this is so secure.
> 
> I understand that the web server is run by root, which sees that file
> and exports the variables, then another user without many
> privileges runs the child process of the web server, but if there are
> more than one user that run PHP files or files made in other
> languages on that server, they will also be able to see those
> environment variables.
> 
> Did I understand correctly?

Yes, this is another thing that I mention in the talk but failed to
include in the workbook. When this approach is being applied to a shared
hosting environment, you want to put the Include directive within a
VirtualHost block of httpd.conf, so that it only applies to a single
virtual host.

Also, each unprivileged child process that handles requests for this
virtual host has this sensitive information in memory. So, while the data
is safer, it is not completely safe (nothing is). If a user can exploit a
vulnerability in your application that lets them execute arbitrary code,
they can access this data. Of course, they can do a lot of bad things in
this case. :-)

Hope that clarifies. Thanks for the feedback.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly
     Coming Fall 2004
HTTP Developer's Handbook - Sams
     http://httphandbook.org/
PHP Community Site
     http://phpcommunity.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
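The two points Chris makes above (keep the Include inside a single VirtualHost block on a shared host, and keep the credential file readable only by root) are both things an administrator can check mechanically. The script below is an added example, not code from this thread or from the PHP Cookbook; the file paths, the DB_USER/DB_PASSWORD variable names, and the placeholder values are assumptions. It writes two constructed httpd.conf layouts into a temporary directory, one with the Include at the top level (so every virtual host's scripts would see the variables) and one with the Include scoped to a VirtualHost block, then reports which layout each file uses and whether the credential file's mode is owner-only.

```shell
#!/bin/sh
# Added example (not from the mailing-list thread): audit the
# "credentials in an Include'd file" setup discussed above.
# All paths and variable names here are assumptions.

# Report how the credential file is pulled into httpd.conf:
#   scoped  - every Include of it sits inside a <VirtualHost> block
#   global  - at least one Include of it is outside any <VirtualHost>
#   missing - the file is not Include'd at all
# Usage: include_scoped_to_vhost <httpd.conf> <credential-file-path>
include_scoped_to_vhost() {
    conf="$1"; cred="$2"
    awk -v cred="$cred" '
        /^[[:space:]]*<VirtualHost/    { depth++ }
        /^[[:space:]]*<\/VirtualHost>/ { depth-- }
        /^[[:space:]]*Include[[:space:]]/ && index($0, cred) {
            if (depth == 0) bad++; else good++
        }
        END {
            if (bad > 0) print "global"
            else if (good > 0) print "scoped"
            else print "missing"
        }
    ' "$conf"
}

# Succeed only if the credential file is readable by its owner alone
# (mode 0600 or 0400). GNU stat first, BSD stat as fallback.
cred_file_mode_ok() {
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
    case "$mode" in
        600|400) return 0 ;;
        *)       return 1 ;;
    esac
}

# Build constructed sample files in a temp dir and print its path.
make_samples() {
    tmp=$(mktemp -d)

    # The file root would own; values are placeholders, not real secrets.
    cat > "$tmp/db-credentials.conf" <<'EOF'
SetEnv DB_USER "app_user"
SetEnv DB_PASSWORD "placeholder-password"
EOF
    chmod 600 "$tmp/db-credentials.conf"

    # Weak layout: Include at the top level of httpd.conf.
    cat > "$tmp/httpd-global.conf" <<EOF
Include $tmp/db-credentials.conf
<VirtualHost *:80>
    ServerName example.test
    DocumentRoot /var/www/example
</VirtualHost>
EOF

    # Corrected layout: Include inside the one VirtualHost that needs it.
    cat > "$tmp/httpd-scoped.conf" <<EOF
<VirtualHost *:80>
    ServerName example.test
    DocumentRoot /var/www/example
    Include $tmp/db-credentials.conf
</VirtualHost>
EOF
    echo "$tmp"
}

# Demonstration run.
dir=$(make_samples)
for conf in httpd-global.conf httpd-scoped.conf; do
    echo "$conf: $(include_scoped_to_vhost "$dir/$conf" "$dir/db-credentials.conf")"
done
if cred_file_mode_ok "$dir/db-credentials.conf"; then
    echo "credential file mode: owner-only"
else
    echo "credential file mode: too permissive"
fi
```

The variables set with SetEnv reach a PHP script through `$_SERVER` (or `getenv()`), which is what makes the top-level Include a problem on a shared host: every virtual host's scripts get the same values. Scoping the Include fixes that, but, as Chris notes, the unprivileged child processes serving that virtual host still hold the values in memory, and this script does nothing about that.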
