database user/pass protection
Moderator: General Moderators
- Pyrite
- Forum Regular
- Posts: 769
- Joined: Tue Sep 23, 2003 11:07 pm
- Location: The Republic of Texas
So a thought just occurred to me, if someone hacked into my webserver, and looked at my config.php file and got the user/pass for my MySQL server, they could basically have my database no matter where it resided (locally or on another server). Is there any way for me to protect the config where the user/pass is stored from physical intrusion?
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
An interesting article: http://shiflett.org/articles/security-corner-mar2004
Roja wrote: Not always. It depends on the setting and configuration of mysql. You *can* set an account to all hosts. (burrito@all)
is that NOT associated with a host? In that case "all"? My point was the likelihood of someone who has their username and password running queries against the database remotely is not very high as a username has to be tied to a host. Sure if they were on the machine locally they could create an account "Roja@all" but then they could also create an account "Roja@66.217.49.67" etc.
I don't think anyone (at least anyone with any sense) would purposely create an account "Roja@all"...if they would, they have bigger fish to fry than the topic of this thread.
I did read the article Tim suggested and it looks like a viable option (create env vars for the un and pass and call them from the $_SERVER[] array)...wonder if there's an IIS alternative?
Burrito wrote: is that NOT associated with a host?
Nope. It's associated with *all* hosts. Definite difference.
Burrito wrote: In that case "all"? My point was the likelihood of someone who has their username and password running queries against the database remotely is not very high as a username has to be tied to a host.
And my point was that it is high - because a username doesn't have to be tied to a host - it can be open to any host.
Burrito wrote: I don't think anyone (at least anyone with any sense) would purposely create an account "Roja@all"...if they would, they have bigger fish to fry than the topic of this thread.
Last I checked, creating a new db user in BOTH webmin AND cpanel does exactly that. Considering that that covers at least 70% of the hosts out there - I'd call that common, and very relevant.
Not just arguing for the sake of argument.. it's a very common configuration, and it makes for a serious security issue.
It was a serious problem on Sourceforge three years ago, for example: Anyone with shell hosting was able to see our db config, so we ended up having to request special security for our project (Blacknova Traders). (Things on SF have changed since then).
It's NOT uncommon.
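An audit for the any-host accounts debated in the posts above, as an added example that is not part of the original thread. The account name app_rw, the database appdb and the address 192.0.2.10 are placeholders standing in for the application account, its schema and the web server's address.

```sql
-- Added example; app_rw, appdb and 192.0.2.10 are placeholders, not values from the thread.

-- 1. Find accounts whose host part contains the % wildcard.
--    A host of exactly '%' accepts a login from any address; patterns such as
--    '10.0.%' are narrower but still match more than one machine.
SELECT user, host
FROM mysql.user
WHERE host LIKE '%\%%'
ORDER BY user, host;

-- 2. For each account found, check what a stolen password would allow.
SHOW GRANTS FOR 'app_rw'@'%';

-- 3. Pin the account to the one machine that needs it (the web server).
--    RENAME USER keeps the password and existing privileges.
RENAME USER 'app_rw'@'%' TO 'app_rw'@'192.0.2.10';

-- 4. Reduce the account to what the application actually uses:
--    drop everything, then grant only row-level access on its own schema.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'app_rw'@'192.0.2.10';
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app_rw'@'192.0.2.10';

-- 5. Confirm the result: one row, one host, four privileges on appdb only.
SELECT user, host FROM mysql.user WHERE user = 'app_rw';
SHOW GRANTS FOR 'app_rw'@'192.0.2.10';
```

Pinning the host limits where a copied user/pass can be used from; it does not help against someone who is already running code on the web server itself, which is why the privilege reduction in step 4 matters as well.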
/offtopic
Yeah, I remember back when I had a project up on SF.net. Sooo unsecure. You could stroll into anyone's folder and view their config and mess with the script.
/back_on_topic
If they had access to the config file, that means they most likely could see any other file and scan for security holes. Once one is found, they could do something like execute scripts remotely, or forcefully upload scripts and that could give them control of the db.
So because of that reason, among others, it's very important to code securely even if the project/site isn't open source.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Pyrite
- Forum Regular
- Posts: 769
- Joined: Tue Sep 23, 2003 11:07 pm
- Location: The Republic of Texas
I did read it, and it seems it is focused on remote exploits. I am concerned about a cracker having access to my server, through whatever means and viewing my config.php to find the db credentials and viewing my database. Has nothing to do with remote exploits.
The fact of the matter is, my db credentials are sitting there on my server in a plain text file. That is not good! Even Windows doesn't do that.
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US