
Hide Database Password from the Server Admin

Posted: Fri Nov 13, 2009 4:54 am
by cygital
I have been so interested in PHP security lately. I have been trying to figure out whether it is possible to hide the database password from the server admin.

You know, normally you would write
mysql_connect("host", "username", "password");

Problem:
1. Admin can access whatever file you placed the above in.

Earlier I read that you can use setenv to create something like $_SERVER['NNTP_PASS']

misc_config.cnf
SetEnv NNTP_LOGIN "login"
SetEnv NNTP_PASS "passwd"
SetEnv NNTP_SERVER "1.2.3.4"

httpd.conf
<VirtualHost 1.2.3.4>
Include "misc_config.cnf"
</VirtualHost>

echo $_SERVER['NNTP_LOGIN']; // login
echo $_SERVER['NNTP_PASS']; // passwd
echo $_SERVER['NNTP_SERVER']; // 1.2.3.4


Problems

1. I don't have access to httpd.conf (I am on shared hosting)

2. Admin can have access to misc_config.cnf

Please I need help, thanks.
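
The SetEnv approach above, written out as a complete PHP connection routine. This is an added example and not the poster's code: the variable names DB_HOST, DB_USER, DB_PASS and DB_NAME, the use of mysqli (mysql_connect has since been removed from PHP), and the fail-closed check are choices made here. It assumes Apache passes the values with SetEnv, either in httpd.conf as shown above or in an .htaccess file where AllowOverride FileInfo permits it. It does not hide anything from the server admin, which is the thread's point; what it does do is keep the credential out of the application source and out of anything that echoes $_SERVER.

```php
<?php
// Added example (not from the thread): read database credentials from the
// server environment instead of hard-coding them in the PHP file.
// Assumes Apache sets DB_HOST, DB_USER, DB_PASS and DB_NAME via SetEnv
// (httpd.conf, or .htaccess where AllowOverride FileInfo allows it).
// Variable names and mysqli usage are this example's assumptions.

declare(strict_types=1);

/**
 * Fetch a required setting from the environment.
 * Fails closed: a missing variable is an error, never a silent empty password.
 */
function requiredEnv(string $name): string
{
    // Apache's SetEnv values show up in $_SERVER; getenv() covers CLI/FPM setups.
    $value = $_SERVER[$name] ?? getenv($name);
    if ($value === false || $value === null || $value === '') {
        throw new RuntimeException("Missing required setting: $name");
    }
    return (string) $value;
}

/**
 * Open the database connection using environment-supplied credentials.
 * The password is passed straight into mysqli and never echoed or logged.
 */
function connectDb(): mysqli
{
    try {
        $db = new mysqli(
            requiredEnv('DB_HOST'),
            requiredEnv('DB_USER'),
            requiredEnv('DB_PASS'),
            requiredEnv('DB_NAME')
        );
    } catch (mysqli_sql_exception $e) {
        // PHP 8.1+ throws on connection failure by default.
        error_log('DB connection failed: ' . $e->getMessage());
        throw new RuntimeException('Database unavailable', 0, $e);
    }
    if ($db->connect_error) {
        // Older PHP versions report the failure here instead of throwing.
        error_log('DB connection failed: ' . $db->connect_error);
        throw new RuntimeException('Database unavailable');
    }
    return $db;
}

// Usage: $db = connectDb();
// Do not echo $_SERVER['DB_PASS'] as the debugging lines above do, and keep
// phpinfo() and var_dump($_SERVER) off any page a visitor can reach, since
// both print every environment variable including the password.
```

The environment variables are still readable by the hosting admin (they are in the Apache configuration and in the PHP process), so this changes nothing about the trust question raised in the thread; its benefit is only that the credential is no longer in the code you edit, copy and back up.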

Re: Hide Database Password from the Server Admin

Posted: Fri Nov 13, 2009 8:29 am
by akuji36
Hello

I believe you must give up total control on shared hosting.

If you would like total control (passwords and file access)
you must run your own host from your own machine (localhost)
or a remote server from which you have admin rights.

The administrator has control over everything that happens on his
server. As one of his many users you cannot hide anything from
the administrator.

thanks

Rod
:)

Re: Hide Database Password from the Server Admin

Posted: Fri Nov 13, 2009 9:55 am
by cygital
How about obfuscation? Do you think it will help?

Re: Hide Database Password from the Server Admin

Posted: Fri Nov 13, 2009 10:20 am
by Apollo
cygital wrote: How about obfuscation? Do you think it will help?
No, for plenty of reasons.

For one, if all else fails, the admin might even be (secretly) running an extra specially modified PHP version which logs the parameters of the mysql_connect function whenever you call it.

Bottom line: anything your server can do, the server's admin can do as well :)

Re: Hide Database Password from the Server Admin

Posted: Fri Nov 13, 2009 10:37 am
by cygital
Thanks for your reply. So, I have no choice but to trust my server admin.

Re: Hide Database Password from the Server Admin

Posted: Fri Nov 13, 2009 12:23 pm
by kaisellgren
If the user has write access to anywhere on the file system, he should be able to get your password.

Never hire admins you can't trust. A foundation can't be based on suspicion.