Hide Database Password from the Server Admin

cygital
Forum Newbie
Posts: 4
Joined: Mon Nov 03, 2008 4:11 am
Location: Abuja, Nigeria

Hide Database Password from the Server Admin

Post by cygital »

I have been so interested in PHP security lately. I have been trying to figure out whether it is possible to hide the database password from the server admin.

You know, normally you would write
mysql_connect("host", "username", "password");

Problem:
1. Admin can access whatever file you placed the above in.

Earlier I read that you can use setenv to create something like $_SERVER['NNTP_PASS']

misc_config.cnf
SetEnv NNTP_LOGIN "login"
SetEnv NNTP_PASS "passwd"
SetEnv NNTP_SERVER "1.2.3.4"

httpd.conf
<VirtualHost 1.2.3.4>
Include "misc_config.cnf"
</VirtualHost>

echo $_SERVER['NNTP_LOGIN']; // login
echo $_SERVER['NNTP_PASS']; // passwd
echo $_SERVER['NNTP_SERVER']; // 1.2.3.4


Problems

1. I don't have access to httpd.conf (I am on shared hosting)

2. Admin can have access to misc_config.cnf

Please I need help, thanks.
akuji36
Forum Contributor
Posts: 190
Joined: Tue Oct 14, 2008 9:53 am
Location: Hartford, Connecticut

Re: Hide Database Password from the Server Admin

Post by akuji36 »

Hello

I believe you must give up total control on shared hosting.

If you would like total control (passwords and file access)
you must run your own host from your own machine (localhost)
or a remote server on which you have admin rights.

The administrator has control over everything that happens on his
server. As one of his many users you cannot hide anything from
the administrator.

thanks

Rod
:)
cygital
Forum Newbie
Posts: 4
Joined: Mon Nov 03, 2008 4:11 am
Location: Abuja, Nigeria

Re: Hide Database Password from the Server Admin

Post by cygital »

How about obfuscation? Do you think it will help?
Apollo
Forum Regular
Posts: 794
Joined: Wed Apr 30, 2008 2:34 am

Re: Hide Database Password from the Server Admin

Post by Apollo »

cygital wrote: How about obfuscation? Do you think it will help?
No, for plenty of reasons.

For one, if all else fails, the admin might even be (secretly) running an extra specially modified PHP version which logs the parameters of the mysql_connect function whenever you call it.

Bottom line: anything your server can do, the server's admin can do as well :)
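
The point made in the reply above, as an added PHP example that is not part of anyone's post: an obfuscated password has to be turned back into plaintext by code stored on the same server before it reaches the connect call. The names xor_bytes and connect_stub, the key and the sample credentials are constructed for this example; connect_stub is a hypothetical stand-in for mysql_connect so the script runs without a database.

```php
<?php
// Added illustration, not code from the thread. Names and values are constructed.

// Repeating-key XOR: the same routine obfuscates and de-obfuscates.
function xor_bytes(string $data, string $key): string
{
    $out = '';
    for ($i = 0, $n = strlen($data); $i < $n; $i++) {
        $out .= $data[$i] ^ $key[$i % strlen($key)];
    }
    return $out;
}

// Hypothetical stand-in for mysql_connect(): it records the arguments it is
// given, the way the modified PHP build mentioned in the reply could.
function connect_stub(string $host, string $user, string $pass): array
{
    return ['host' => $host, 'user' => $user, 'pass' => $pass];
}

// What the developer ships: an encoded blob plus the key needed to undo it.
// Both sit in files that anyone with read access to the account can open.
$key    = 'k3y';                                     // constructed
$stored = base64_encode(xor_bytes('passwd', $key));  // constructed

// The application's own code path has to recover the plaintext...
$plain = xor_bytes(base64_decode($stored), $key);
// ...and hand it to the connect call, where it is visible again.
$seen = connect_stub('1.2.3.4', 'login', $plain);

echo "stored in the file : $stored\n";
echo "seen at connect    : {$seen['pass']}\n";
```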
cygital
Forum Newbie
Posts: 4
Joined: Mon Nov 03, 2008 4:11 am
Location: Abuja, Nigeria

Re: Hide Database Password from the Server Admin

Post by cygital »

Thanks for your reply. So, I have no choice but to trust my server admin.
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Re: Hide Database Password from the Server Admin

Post by kaisellgren »

If the user has write access to anywhere on the file-system, he should be able to get your password.

Never hire admins you can't trust. A foundation can't be based on suspicion.