
database passwords

Posted: Thu Apr 03, 2008 8:37 pm
by s.dot
When designing an application that requires storage of the database password to connect to the database

e.g.


mysql_connect($cfg->host, $cfg->user, $cfg->password);
Where do you store that? Obviously you can't hash it. And storing it in the database itself would be bad.

EDIT| I guess it doesn't make much sense to store such details in a database. Lol, I don't know what I was thinking. Where would such details go?

Re: database passwords

Posted: Thu Apr 03, 2008 11:29 pm
by John Cartwright
Typically in a flat file that is secure from the outside world, i.e. either outside the webroot or protected through .htaccess (preferably the former)

Re: database passwords

Posted: Fri Apr 04, 2008 10:38 am
by pickle
Jcart wrote: outside the webroot
Is that really necessary? As long as the script doesn't output the password to the screen it should be pretty protected from the world.

If I've got lots of different apps & databases on one box, I store the credentials in an include file.

If I've got a box dedicated to one system, I store the credentials right in the DB abstraction constructor function. That eliminates it from any variable space so I can print_r() to my heart's content without worrying about the credentials being dumped to the screen.

Re: database passwords

Posted: Fri Apr 04, 2008 1:11 pm
by allspiritseve
pickle wrote: Is that really necessary?
It is possible for PHP scripts to be displayed and not parsed on screen, so people can view the code. I don't know how, but I know that it can happen. So keeping it below the webroot protects against that being a security risk.

Re: database passwords

Posted: Fri Apr 04, 2008 1:52 pm
by Mordred
Include file with config data, and I unset it after connecting.
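One concrete way to put the advice in this thread together (John Cartwright's flat file outside the webroot, pickle's point about keeping the credentials out of variable space, Mordred's unset after connecting), as an added example that is not code from any of the posters. It assumes a layout of /var/www/app/public as the document root and /var/www/app/config/db.php one level above it, where that config file simply does `return ['dsn' => '...', 'user' => '...', 'password' => '...'];`. Because the mysql_* extension used in the opening post was removed in PHP 7, the connection is made with PDO; the class name Db, the paths and the permission policy are assumptions for illustration, not anything the thread prescribes.

```php
<?php
// public/index.php -- lives inside the web root. Added example, not from the thread.
// Assumed layout: /var/www/app/public (document root) and /var/www/app/config/db.php
// one level above it, so a server that serves .php files as plain text (the
// "parser went down" case discussed below) still cannot hand out the credentials.
declare(strict_types=1);

final class Db
{
    private PDO $pdo;

    public function __construct(string $configFile)
    {
        self::assertSafeLocation($configFile);

        // The config array exists only inside this constructor. Once it returns,
        // print_r($GLOBALS) or a var_dump() of request state cannot reveal it.
        $cfg = require $configFile;
        $this->pdo = new PDO($cfg['dsn'], $cfg['user'], $cfg['password'], [
            PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_EMULATE_PREPARES => false,
        ]);
        unset($cfg); // explicit, as in Mordred's post; leaving scope would do it too
    }

    public function pdo(): PDO
    {
        return $this->pdo;
    }

    // Two deployment checks that must pass before the credentials are ever read.
    private static function assertSafeLocation(string $configFile): void
    {
        $real = realpath($configFile);
        if ($real === false || !is_readable($real)) {
            throw new RuntimeException('database config is missing or unreadable');
        }

        // 1. The file must not sit under the document root. Falls back to this
        //    script's directory when run from the CLI, where DOCUMENT_ROOT is unset.
        $docRoot = realpath($_SERVER['DOCUMENT_ROOT'] ?? __DIR__);
        if ($docRoot !== false && str_starts_with($real, $docRoot . DIRECTORY_SEPARATOR)) {
            throw new RuntimeException('database config must live outside the document root');
        }

        // 2. Other accounts on the box must not be able to read it (mode bit 0004).
        //    Assumed policy: owned root:www-data, mode 0640.
        $perms = fileperms($real);
        if ($perms === false || ($perms & 0004) !== 0) {
            throw new RuntimeException('database config must not be world-readable');
        }
    }
}

// __DIR__ is the web root; "/../config" steps out of it.
$db   = new Db(__DIR__ . '/../config/db.php');
$stmt = $db->pdo()->query('SELECT 1');
echo $stmt->fetchColumn(), PHP_EOL;
```

If the file really cannot be moved above the webroot, the .htaccess alternative from the same post is a `<Files "db.php">` block containing `Require all denied` (Apache 2.4) or `Deny from all` (Apache 2.2). That only works where AllowOverride permits it and only for Apache, which is why the post prefers the directory layout: a path outside the document root needs no web-server configuration to stay unreachable.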

Re: database passwords

Posted: Tue Apr 08, 2008 8:31 pm
by baileylo
allspiritseve wrote:
pickle wrote: Is that really necessary?
It is possible for PHP scripts to be displayed and not parsed on screen, so people can view the code. I don't know how, but I know that it can happen. So keeping it below the webroot protects against that being a security risk.
The PHP parser on the site could go down; that would then just display all PHP code to the screen, including your password. I prefer to put my DB connect information one level above the webroot as well.