Clearing DB credentials
Posted: Thu Aug 26, 2010 10:45 am
I just witnessed an interesting technique that got me thinking.
Assume your entire application uses a front controller and index.php bootstrap, with no other point of entry. Now assume you connect to the DBs immediately in the first 2-3 lines of code and, once connected, you clear the registry, globals, whatever contains your credentials. Does this improve security?
If someone manages to inject PHP code into your application (either directly a la eval or indirectly via uploaded include or similar), so long as the point of injection is past the point of DB connection and clearing, the hacker(s) should, in theory, not be able to echo the DB credentials and obtain those details. This is nice to know, considering my servers typically **do** allow remote connections so I can easily manage data from home, etc.
I guess this would put a kibosh on lazy loading connections, and only connecting at the time of requirement, but is it more secure, at least in theory?
On second thought it's not really of significance to me, as my localhost DB accounts are limited (rarely allowed to delete) and root account details are never stored in INI files or used in PHP scripts, strictly by means of my DB client manager. Still, it got me thinking.
Cheers,
Alex
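The connect-then-clear bootstrap described in the post, as an added example that is not part of the original post. `$registry`, `connect_and_scrub()`, `globals_containing()` and the INI keys are hypothetical names, and the sample config is constructed (in-memory SQLite, so it runs offline with pdo_sqlite).

```php
<?php
declare(strict_types=1);

// Constructed sample config so the script runs offline (requires pdo_sqlite).
// In a real deployment this file would sit outside the web root.
$configPath = tempnam(sys_get_temp_dir(), 'dbcfg');
file_put_contents($configPath, "dsn = \"sqlite::memory:\"\nuser = \"app_limited\"\npass = \"constructed-secret\"\n");

// Hypothetical application registry: config loaded into a global, as in the post.
$registry = ['db' => parse_ini_file($configPath), 'app' => ['name' => 'demo']];
unlink($configPath); // demo cleanup only

/** Connect, and remove the credentials from the registry on every code path. */
function connect_and_scrub(array &$registry): PDO
{
    // $db is local, so this last named copy disappears when the function returns.
    $db = $registry['db'] ?? false;
    unset($registry['db']); // gone from the global before any later code runs
    if (!is_array($db)) {
        throw new RuntimeException('DB config missing or unreadable');
    }
    try {
        return new PDO($db['dsn'], $db['user'], $db['pass'], [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        ]);
    } catch (PDOException $e) {
        // Not chained as $previous: the original trace can include constructor arguments.
        throw new RuntimeException('DB connection failed');
    }
}

/** Names of global variables whose printed form still contains $needle. */
function globals_containing(string $needle): array
{
    $hits = [];
    foreach ($GLOBALS as $name => $value) {
        if ($name !== 'GLOBALS' && strpos(print_r($value, true), $needle) !== false) {
            $hits[] = $name;
        }
    }
    return $hits;
}

$before = globals_containing('constructed-secret'); // taken while the registry still holds the config
$pdo    = connect_and_scrub($registry);
$after  = globals_containing('constructed-secret'); // taken after the scrub

printf("before: %s\nafter: %s\n", implode(',', $before) ?: '(none)', implode(',', $after) ?: '(none)');
```

`unset()` only removes the in-process copies; the INI file on disk stays readable to the PHP process, so the limited-privilege DB account mentioned in the post remains the control that bounds what exposed credentials can do.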