Greetings all,
I'm trying to create a mysql backup script. The dump has been generated, but now I want to be able to save it to a file to FTP it to another server away from my company's primary one. But because we are running in safe mode, file creation is severly restricted. Reviewing things, the only solution I could come to was to create a folder, assign it to the nobody user, and then use that for writing the files to before FTP'ing them.
Will doing so be a possible security risk?
Setting a folder as user nobody - good thing or bad thing?
Moderator: General Moderators
-
Doctor_Cox
- Forum Newbie
- Posts: 4
- Joined: Sun Oct 08, 2006 3:39 am
-
Doctor_Cox
- Forum Newbie
- Posts: 4
- Joined: Sun Oct 08, 2006 3:39 am
Thanks for your response.
How would I go about runing the script under the user account? Every time I run it it complains about a UID mismatch due to safe mode being on.
Irregardless, I don't think file injection will be a problem but correct me if I'm wrong. I'm not very familiar with Linux, especially security. The script will be a cron job that will create files based on the database table, eg
cart_products.sql
cart_categories.sql
Before uploading them to an FTP account then deleting them. The simple method to guard against someone injecting files will be to check for any files in the folder before beginning the dumping process and deleting any found. Even if someone were able to get a file into this folder, it couldn't do any damage thanks to safe mode, and it wouldn't gain them access to other parts of the system. Correct or not?
How would I go about runing the script under the user account? Every time I run it it complains about a UID mismatch due to safe mode being on.
Irregardless, I don't think file injection will be a problem but correct me if I'm wrong. I'm not very familiar with Linux, especially security. The script will be a cron job that will create files based on the database table, eg
cart_products.sql
cart_categories.sql
Before uploading them to an FTP account then deleting them. The simple method to guard against someone injecting files will be to check for any files in the folder before beginning the dumping process and deleting any found. Even if someone were able to get a file into this folder, it couldn't do any damage thanks to safe mode, and it wouldn't gain them access to other parts of the system. Correct or not?
Use crontab to activate the script...Doctor_Cox wrote:Thanks for your response.
How would I go about runing the script under the user account? Every time I run it it complains about a UID mismatch due to safe mode being on.
Here is an obvious example of a scenario where you have a security problem:Doctor_Cox wrote: Before uploading them to an FTP account then deleting them. The simple method to guard against someone injecting files will be to check for any files in the folder before beginning the dumping process and deleting any found.
generate file
----> malicious replacement of the file
upload file
I wonder why you need to create a temporary file anyway... Just simply pass the output of the dump-generation process to your ftp-client as file input...
The obvious issue is that it would make your backup system completely unreliable... and thus useless.Doctor_Cox wrote: Even if someone were able to get a file into this folder, it couldn't do any damage thanks to safe mode, and it wouldn't gain them access to other parts of the system. Correct or not?
The solution is flawed by design, so i would most certainly not try to minimalize the risk...
-
Doctor_Cox
- Forum Newbie
- Posts: 4
- Joined: Sun Oct 08, 2006 3:39 am
How do I do this? I reviewed the PHP FTP commands and nothing caught my attention as being capable of doing this. In fact this was my first port of call as I knew I was likely going to run into safe mode problems.timvw wrote:Just simply pass the output of the dump-generation process to your ftp-client as file input...
If I can do it via FTP commands, great, this will be easier to test than running the thing via the crontab.
I'm not arguing with the logic, but how could a hacker actually replace the file? I'm not doubting you, just curious. I want to learn. They'd have to be there at the exact moment of file creation, and know the names of one of the tables, which is what each file will be named in turn before FTP'ing. Theoretically possible? Yes. Practically possible? Doesn't appear so to me.Here is an obvious example of a scenario where you have a security problem:
generate file
----> malicious replacement of the file
upload file
But FTP is still clearly the safest method, so if you could point me in the right direction I'd appreciate it.
-
Doctor_Cox
- Forum Newbie
- Posts: 4
- Joined: Sun Oct 08, 2006 3:39 am
Code: Select all
<?php
file_put_contents('ftp://user:password@example.com/pub/mysql.dmp', shell_exec('mysqldump -u username -ppassword database'));
?>