how to stop others from running my scripts
Posted: Thu Apr 08, 2004 7:46 am
by dsdsdsdsd
hello; I apologize for the long post;
how do we protect our scripts from other people;
if the scripts are sitting on a web-server then they are accessible to anyone;
in order to access MySQL, on the other hand, a script has to send to the db-server a username/password; the script should be set up to request a username/password from a user which can then be passed on to the db-server;
however this is not the case when a script is attempting to access other files on the same web-server (especially in the same directory); there is not an opportunity to tell the web-server who you are;
in effect, if I have written a script.php that interacts with other files, it is, from a web-server's point-of-view, trusted by all other files on that web-server (especially in the same directory);
question1) is there a way to have a script send to a web-server a username/password for that web-server;
question2) T or F: if a user can run a script then that user could access any files in that directory (obviously a script could request a script username/password but that is not literally the same thing as a web-server username/password which is not literally the same thing as a db-server username/password);
thanks for your time
Shannon Burnett
Posted: Thu Apr 08, 2004 11:30 am
by phait
hi,
1. first of all, can you not provide some authentication yourself? Either by using a .htaccess file in apache and using HTTP_AUTH variables or by using some sort of phpsession based authentication. You can then check for those variable[s] each time you perform an action and dump the user if the test fails.
It seems to me that your first and possibly only line of defence is to make sure that whoever has access to this script needs to be authorised in some way.
1a. Would it possibly be too much work to adapt the script so that levels of actions have permissions assigned to them. So that your script needs a username / password combination verification to perform certain actions. A low level may allow the user to view the contents of the directory whilst a higher level would be needed to modify or delete them. You can then log actions to another file based in a directory not accessible by the script so you have an audit trail... is this too much?
2. from what I can understand of your question I would say False. For instance I can see a webpage which is essentially a file in a web directory but I cannot necessarily run a script or access other files in that directory. Turning off directory browsing would be a simple way for a start, as would checking what files your script[s] can actually see.
hth
Posted: Thu Apr 08, 2004 12:52 pm
by dsdsdsdsd
hello phait;
thanks for your response;
however, I think you are a bit above my head; I looked up htaccess under the http://www.php.net Apache section and decided that I was barking up the wrong tree until I have a week or two to really get into Apache related things;
HOWEVER your statement "have permissions assigned to them" sounds like something I would like to know more about;
how do you assign permissions to something - I suppose to a session maybe?
thanks
Shannon Burnett
Posted: Thu Apr 08, 2004 6:20 pm
by phait
hi,
yeah I suppose you could do it like that. If you want to keep it all in the one script and you are not using a db to manage user access and want to stay away from sessions then you could even have a small form with a dropdown box and a text input for a password. Then simply get the user to define the action they want to do and ask for a passphrase before allowing them to do so.
For example, the dropdown could have the values:
- view files
- edit files
- delete files
The user selects one and enters a passphrase. You then take the values and compare the action required and check if the passphrase is associated with that action - you can do this a number of ways such as in 'if / else' construct or in an array and checking for the passphrase in an array associated with the action to perform.
If the passphrase is valid, then you run the function to perform that action; if not, you tell them they are not allowed to do so and send them back to a page with a form to get them to authorise themselves again.
You could put the passphrase into a session var if you wanted to. However, it is not so much using sessions that gives you permissions, but rather the fact that you perform a decent check to make sure the person has the permission to do what they want.
I guess you have to ask the questions:
- are the actions offered by the script absolutely necessary? (if it's just a file / dir viewer then do you really need to have the ability to edit / delete files / dirs for example?)
- would I actually keep any data in those folders that I would hate to lose / be viewed?
if yes
- how much effort is required to make me comfortable that the script can only be used by people I authorise?
- is that effort worth it for the intended task / cost?
if no
- then does it really matter if somebody messed with it?
- is my page really going to be found or likely to be targeted by people?
I guess you just have to be careful really, I mean if you were like offering this as a service to others and other people can come in and just mess with someone else's files then that could be a major pain for you. But, if it's just something for you and have nothing up there which you wouldn't mind losing or being discovered then is there really any need for a permission check. It sounds like you may have something you don't want to share and therefore you need to invest some effort into working out the best way to protect it and be comfortable that you have done the best you can to protect it. Just google something similar to "php authorization tutorials", read and then code until you're happy.
hth
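
The per-action passphrase check and audit trail described in the replies above, as an added example that is not part of the original thread. The action names follow the dropdown in the post; the passphrases, function names and log path are constructed for illustration, and the sketch stores only password hashes and denies any action it does not recognise.

```php
<?php
declare(strict_types=1);

// Map each action to the hash of the passphrase that unlocks it. In a real
// deployment, generate the hashes once and keep them outside the web root;
// they are computed here from constructed passphrases so the example runs.
$ACTION_HASHES = [
    'view'   => password_hash('constructed-view-phrase', PASSWORD_DEFAULT),
    'edit'   => password_hash('constructed-edit-phrase', PASSWORD_DEFAULT),
    'delete' => password_hash('constructed-delete-phrase', PASSWORD_DEFAULT),
];

function is_authorised(array $hashes, string $action, string $passphrase): bool
{
    // Unknown action: deny instead of falling through to a default handler.
    if (!array_key_exists($action, $hashes)) {
        return false;
    }
    // password_verify() handles the salt and compares in constant time.
    return password_verify($passphrase, $hashes[$action]);
}

function audit(string $logFile, string $action, bool $allowed): void
{
    $who = $_SERVER['REMOTE_ADDR'] ?? 'cli';
    // Strip anything but a-z and _ so user input cannot forge log lines.
    $safe = preg_replace('/[^a-z_]/', '?', $action);
    $line = sprintf("%s %s action=%s result=%s\n", date('c'), $who,
        $safe, $allowed ? 'allow' : 'deny');
    file_put_contents($logFile, $line, FILE_APPEND | LOCK_EX);
}

function handle_request(array $hashes, array $post, string $logFile): string
{
    // Form fields can arrive as arrays; treat anything non-string as empty.
    $action = is_string($post['action'] ?? null) ? $post['action'] : '';
    $pass = is_string($post['passphrase'] ?? null) ? $post['passphrase'] : '';
    $allowed = is_authorised($hashes, $action, $pass);
    audit($logFile, $action, $allowed);
    return $allowed ? "allowed: run the $action handler"
                    : 'denied: show the form again';
}

// Constructed requests standing in for $_POST from the dropdown form.
$log = sys_get_temp_dir() . '/actions-audit.log';
echo handle_request($ACTION_HASHES, ['action' => 'view', 'passphrase' => 'constructed-view-phrase'], $log), "\n";
echo handle_request($ACTION_HASHES, ['action' => 'delete', 'passphrase' => 'constructed-view-phrase'], $log), "\n";
echo handle_request($ACTION_HASHES, ['action' => 'chmod', 'passphrase' => 'x'], $log), "\n";
```

The first request is allowed; the second is denied because the view passphrase does not unlock delete, and the third because `chmod` is not a listed action.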