Storing plain text sensitive details

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Storing plain text sensitive details

Post by alex.barylski »

How do you deal with the situations where you need to store sensitive details in text files and plain text...

I have details such as SMTP, FTP and MySQL credentials stored in some ini files.

As a first line of defence, I stored these files outside of the docroot so they are inaccesible from the outside. It's a dedicated server with no other "known" users. However I still worry that someone may still gain access to the system and possibly exploit a daemon to read plain text files and possibly obtain credentials.

I thought of maybe converting the INI files into a encrypted PHP script with one of those encrypters...the problem with that approach is that now my users will not be able to update their INI settings if they ever change their SMTP or MySQL database, etc...

Storing these details in a database is not an option, they must remain as INI files.

Cheers :)
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Re: Storing plain text sensitive details

Post by Kieran Huggins »

Maybe you could chmod them to "440"? Then only the www-data user & group would have read access to them?

I have to say they sound about as safe as you're going to get them now.
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Re: Storing plain text sensitive details

Post by alex.barylski »

Kieran Huggins wrote:Maybe you could chmod them to "440"? Then only the www-data user & group would have read access to them?

I have to say they sound about as safe as you're going to get them now.
I think file permissions is the only way to go to ensure security. Although I recall reading an article by Chris Shiflett a while back, where he had a technique of storing MySQL passwords in some root owned file or something similar which was then pushed into PHP or CGI applications via environment variables or similar technique.
User avatar
JamesRavenscroft
Forum Newbie
Posts: 10
Joined: Thu Jan 31, 2008 3:45 am
Location: West Midlands, United Kingdom

Re: Storing plain text sensitive details

Post by JamesRavenscroft »

Could you save them as encrypted files like you suggested and then use your script to edit the options. As far as I can remember (forgive me if I'm wrong, there is a PHP ini writing feature as well so it would be quite easy). The only problem I can see is finding a good encryption/decryption algorithm in pure PHP (unless you have access to PEAR) but I'm sure there are some out there.
Post Reply