Secure MySQL connection authentication? - MySQL

  1. #1

    Secure MySQL connection authentication?

    Currently we store the user/pass in a plain PHP file, but we want to
    have a better method to protect the MySQL login authentication by
    hiding the real user name & password.

    Are there any suggested solutions?

    Thanks.

    howa Guest

  2. #2

    Re: Secure MySQL connection authentication?


    howa wrote:

    Hiding it from whom? By putting it in a plain PHP file, you are hiding
    it from all except those who can access the PHP file. So who else do
    you wish to hide it from? The solution depends on this.

    Captain Guest

  3. #3

    Re: Secure MySQL connection authentication?


    Captain Paralytic wrote:

    > Hiding it from whom? By putting it in a plain php file, you are hiding
    > it from all except those who can access the php file. So who else do
    > you wish to hide it from. The solution depends on this.

    Okay, let's consider it is a Perl script running on the server. Any
    advice?

    I.e. sometimes you don't even want root to know the password to the
    remote DB...

    howa Guest

  4. #4

    Re: Secure MySQL connection authentication?

    "howa" <com> wrote:

    If you are using PHP you should put database account information in a
    PHP include file and store that *outside* the webserver's document root.

    > okay, let consider it is a Perl script, running on the server, any
    > advice?
    >
    > i.e. sometimes, you even don't want the root to know the password to
    > the remote DB...

    This is not possible. The password must either be given interactively
    or in a file. If it's in a file, root can always get a copy of that
    file and use it (even if the password itself is encrypted).

    There are multiple possibilities to store the password in a file:

    - write it in the source (possibly obscured)
    - write it in a MySQL option file (i.e. ~/.my.cnf)
    - use an SSL certificate, no password but REQUIRE X509 ... in GRANT


    XL
    --
    Axel Schwenke, Support Engineer, MySQL AB

    Online User Manual: http://dev.mysql.com/doc/refman/5.0/en/
    MySQL User Forums: http://forums.mysql.com/
    Axel Guest
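    A worked version of the option-file and certificate choices listed above, added
    here as an example rather than code from the thread or from MySQL AB: a POSIX
    shell script that writes a [client] option file outside the document root with
    owner-only permissions, checks both conditions so a misplaced or group/world
    readable file is caught before deployment, and prints the GRANT for the
    certificate-only alternative. The paths (/var/www/html, a db.cnf file), the
    account name app and the database name shop are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread: keep MySQL credentials in a
# [client] option file outside the document root, readable only by the
# account the script runs as. Paths and names are assumptions.

# write_option_file FILE USER PASSWORD
# Creates FILE with mode 0600 so the mysql client (or DBD::mysql via
# mysql_read_default_file) can read it while the code itself never contains
# the password. The umask runs in a subshell so it does not leak to the caller.
write_option_file() {
    ( umask 077 && printf '[client]\nuser=%s\npassword="%s"\n' "$2" "$3" > "$1" )
    chmod 600 "$1"
}

# check_option_file FILE DOCROOT
# Returns 0 only if FILE is outside DOCROOT and unreadable by group/other.
# mysql refuses a world-writable option file on its own, but it will happily
# read a world-readable one, so that check has to be ours.
check_option_file() {
    file=$1
    docroot=$(cd "$2" 2>/dev/null && pwd -P || printf '%s' "$2")
    dir=$(cd "$(dirname "$file")" && pwd -P)
    case "$dir/" in
        "$docroot"/*) echo "FAIL: $file is inside the document root $docroot"; return 1 ;;
    esac
    # columns 5-10 of ls -l are the group and other permission bits
    perm=$(ls -ld "$file" | cut -c5-10)
    case "$perm" in
        *[rwx]*) echo "FAIL: $file is readable by group/other ($perm)"; return 1 ;;
    esac
    echo "OK: $file is outside $docroot and owner-only"
    return 0
}

# x509_grant_sql USER HOST DB
# Prints the GRANT for the no-password alternative from the post: the account
# must present a client certificate signed by a CA the server trusts. Newer
# MySQL versions put REQUIRE on CREATE USER / ALTER USER instead of GRANT.
x509_grant_sql() {
    printf "GRANT SELECT, INSERT, UPDATE ON %s.* TO '%s'@'%s' REQUIRE X509;\n" "$3" "$1" "$2"
}

# Demo when run as: sh creds.sh demo  (writes into a temporary directory)
if [ "${1:-}" = "demo" ]; then
    dir=$(mktemp -d)
    write_option_file "$dir/db.cnf" app 'constructed-example-password'
    check_option_file "$dir/db.cnf" /var/www/html
    x509_grant_sql app localhost shop
    rm -rf "$dir"
fi
```

    Point DBD::mysql at the file with mysql_read_default_file in the DSN, or let the
    mysql client pick up ~/.my.cnf on its own; neither the Perl nor the PHP source
    then needs to contain the password. As the post says, this only narrows who can
    read it: anyone who can read the file as the script's user, root included,
    still gets the password.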

  5. #5

    Re: Secure MySQL connection authentication?

    >> > currently we store user/pass in a plain php file, but we want to have a
    >>
    >> Hiding it from whom? By putting it in a plain php file, you are hiding
    >> it from all except those who can access the php file. So who else do
    >> you wish to hide it from. The solution depends on this.
    >
    >okay, let consider it is a Perl script, running on the server, any
    >advice?
    >
    >i.e. sometimes, you even don't want the root to know the password to
    >the remote DB...

    If your script can know the password, so can root. If you encrypt
    the password, your script also has to have the key to decrypt it.
    If it isn't necessary to decrypt it, then it *IS* the password.
    Some people have attempted this anyway (see Pay TV vendors with
    their descrambler boxes) but they get hacked in spite of supposedly
    "tamperproof" hardware.


    Gordon Guest

  6. #6

    Re: Secure MySQL connection authentication?


    Gordon Burditt wrote:

    > >okay, let consider it is a Perl script, running on the server, any
    > >advice?
    > >
    > >i.e. sometimes, you even don't want the root to know the password to
    > >the remote DB...
    >
    > If your script can know the password, so can root. If you encrypt
    > the password, your script also has to have the key to decrypt it.
    > If it isn't necessary to decrypt it, then it *IS* the password.
    > Some people have attempted this anyway (see Pay TV vendors with
    > their descrambler boxes) but they get hacked in spite of supposedly
    > "tamperproof" hardware.

    Consider some applications like e-banking systems: how do they protect
    your data from being modified by the `root` account?

    howa Guest

  7. #7

    Re: Secure MySQL connection authentication?

    howa wrote:
    >>
    >>If your script can know the password, so can root. If you encrypt
    >>the password, your script also has to have the key to decrypt it.
    >>If it isn't necessary to decrypt it, then it *IS* the password.
    >>Some people have attempted this anyway (see Pay TV vendors with
    >>their descrambler boxes) but they get hacked in spite of supposedly
    >>"tamperproof" hardware.
    >
    > consider some applications like e-banking system, how they protect your
    > data from being modified by the `root` account?

    They can't. Root can do anything.

    What they do have are people they can trust, tracking and auditing. So
    if something does change they can track it back.

    If something can be done, there is always someone who can do it.

    --
    ==================
    Remove the "x" from my email address
    Jerry Stuckle
    JDS Computer Training Corp.
    net
    ==================
    Jerry Guest

  8. #8

    Re: Secure MySQL connection authentication?

    howa wrote:
    >>
    >>If your script can know the password, so can root. If you encrypt
    >>the password, your script also has to have the key to decrypt it.
    >>If it isn't necessary to decrypt it, then it *IS* the password.
    >>Some people have attempted this anyway (see Pay TV vendors with
    >>their descrambler boxes) but they get hacked in spite of supposedly
    >>"tamperproof" hardware.
    >
    > consider some applications like e-banking system, how they protect your
    > data from being modified by the `root` account?

    As Jerry stated, as root - you can do anything, however - root in a database and
    root at the OS level *can be* two separate IDs where the OS SysAdmin does not
    know the root password for the database. However, that does not completely
    protect the database - as he can copy that database to his own system, modify
    the password and have access to your information. Again, as Jerry stated, there
    is a trust factor.

    There are 4 Admins in all shops that must have your company's implicit trust:
    the Sys Admin, the DBA, the Network Admin and the SAN Admin. In smaller shops,
    there may be one or two people that fill those functions. If you cannot trust
    them, they should be terminated as soon as possible.

    These 4 Admin-types have tools and methods that allow them to have complete
    control over the system AND the data on those systems. Most companies such as
    the one for which I work have many people in this capacity.

    --
    Michael Austin.
    Database Consultant
    Michael Guest

  9. #9

    Re: Secure MySQL connection authentication?

    "howa" <com> wrote:
    >>
    >> If your script can know the password, so can root. If you encrypt
    >> the password, your script also has to have the key to decrypt it.
    >> If it isn't necessary to decrypt it, then it *IS* the password.
    >> Some people have attempted this anyway (see Pay TV vendors with
    >> their descrambler boxes) but they get hacked in spite of supposedly
    >> "tamperproof" hardware.
    >
    > consider some applications like e-banking system, how they protect your
    > data from being modified by the `root` account?

    By encrypting the data and *NOT* storing the key on the computer. Then
    all root can get is encrypted data. But all depends on how "secure"
    things need to be. Perfect security is an illusion. The best you can
    get is sufficient security. This is when the costs for a successful
    attack are higher than the value of the protected good.

    The traditional use-more-than-once password is already a compromise,
    sacrificing security for simplicity. A password entered on the keyboard
    should be considered exposed (keyloggers exist, even in pure software)
    and must never be re-used. If this is a viable attack vector you need
    external hardware like key tokens or smartcard terminals.


    XL
    --
    Axel Schwenke, Senior Software Developer, MySQL AB

    Online User Manual: http://dev.mysql.com/doc/refman/5.0/en/
    MySQL User Forums: http://forums.mysql.com/
    Axel Guest

  10. #10

    Re: Secure MySQL connection authentication?

    Axel Schwenke wrote:
    >>
    >>consider some applications like e-banking system, how they protect your
    >>data from being modified by the `root` account?
    >
    > By encrypting the data and *NOT* storing the key on the computer. Then
    > all root can get is encrypted data. But all depends on how "secure"
    > things need to be. Perfect security is an illusion. The best you can
    > get is sufficient security. This is when the costs for a successful
    > attack are higher than the value of the protected good.
    >
    > The traditional use-more-than-once password is already a compromise,
    > sacrificing security for simplicity. A password entered on the keyboard
    > should be considered exposed (keyloggers exist, even in pure software)
    > and must never be re-used. If this is a viable attack vector you need
    > external hardware like key tokens or smartcard terminals.
    >
    > XL
    > --
    > Axel Schwenke, Senior Software Developer, MySQL AB
    >
    > Online User Manual: http://dev.mysql.com/doc/refman/5.0/en/
    > MySQL User Forums: http://forums.mysql.com/

    Even encrypting the data isn't foolproof. The code (and key) to decrypt
    the data must be on the server, and that can be copied. Or, the key
    must be entered from a terminal. And someone with root access can
    easily intercept the incoming key.

    If you want absolute security, put it on your own machine that only you
    can access, lock that machine in a vault and don't give anyone else the
    combination.

    Of course, someone could also break into the vault...

    --
    ==================
    Remove the "x" from my email address
    Jerry Stuckle
    JDS Computer Training Corp.
    net
    ==================
    Jerry Guest

  11. #11

    Re: Secure MySQL connection authentication?

    >> >> > currently we store user/pass in a plain php file, but we want to have a
    >>
    >> If your script can know the password, so can root. If you encrypt
    >> the password, your script also has to have the key to decrypt it.
    >> If it isn't necessary to decrypt it, then it *IS* the password.
    >> Some people have attempted this anyway (see Pay TV vendors with
    >> their descrambler boxes) but they get hacked in spite of supposedly
    >> "tamperproof" hardware.
    >
    >consider some applications like e-banking system, how they protect your
    >data from being modified by the `root` account?

    You can't. In practice, you can hire trustworthy people, do
    background checks, pay them well, have multiple people checking up
    on each other, and provide separation of duties (for example, 'root'
    on the webserver might not also have 'root' on the database server).
    You can't prevent 'root' from modifying database data, but you don't
    have to make it easy by also giving him an administrative database
    login as well. And if he creates one for himself, the DBA in charge
    of the database might notice.

    Separation of duties is a big deal even in non-computerized accounting
    systems. For example, you have two people open deposit envelopes
    and count the cash in deposits. The same person who credits deposits
    isn't allowed to be the person who prepares customer statements (or
    he could conveniently "lose" the deposit, but send the customer a
    phony statement indicating it's there).

    Gordon Guest
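    To make the "the DBA in charge of the database might notice" part concrete, here
    is an added example that is not from the thread: a small POSIX shell audit that
    diffs a baseline snapshot of mysql.user against a current one and reports
    accounts that appeared, or whose Super_priv / Grant_priv flags changed, since
    the baseline was taken. The two snapshots are constructed sample data written
    by the script itself; the query in the comment is what would produce real ones,
    and the account names, hosts and file names are made up.

```shell
#!/bin/sh
# Added example, not code from the thread: notice database accounts that were
# added or escalated behind the DBA's back. Input is the whitespace-separated
# output of
#   mysql -N -B -e "SELECT user, host, Super_priv, Grant_priv FROM mysql.user"
# saved once at deployment (baseline) and again at audit time (current).

# write_sample_snapshots DIR
# Writes constructed baseline.txt and current.txt into DIR. In the "current"
# snapshot the app account has gained SUPER and a new backdoor@% account exists.
write_sample_snapshots() {
    cat > "$1/baseline.txt" <<'EOF'
root localhost Y Y
app 10.0.0.5 N N
dba 10.0.0.9 Y Y
EOF
    cat > "$1/current.txt" <<'EOF'
root localhost Y Y
app 10.0.0.5 Y N
dba 10.0.0.9 Y Y
backdoor % Y Y
EOF
}

# new_accounts BASELINE CURRENT
# Prints user@host pairs present in CURRENT but absent from BASELINE.
# (NR==FNR is true only while awk reads the first file; BASELINE must be non-empty.)
new_accounts() {
    awk 'NR==FNR { seen[$1"@"$2]=1; next }
         !(($1"@"$2) in seen) { print $1"@"$2 }' "$1" "$2"
}

# privilege_changes BASELINE CURRENT
# Prints accounts whose Super_priv/Grant_priv pair differs from the baseline,
# and new accounts that hold either privilege.
privilege_changes() {
    awk 'NR==FNR { base[$1"@"$2]=$3"/"$4; next }
         { k=$1"@"$2; cur=$3"/"$4
           if (!(k in base)) { if (cur ~ /Y/) print k " NEW super/grant=" cur }
           else if (base[k] != cur) print k " CHANGED super/grant=" base[k] " -> " cur }' "$1" "$2"
}

# Demo when run as: sh audit.sh demo
if [ "${1:-}" = "demo" ]; then
    dir=$(mktemp -d)
    write_sample_snapshots "$dir"
    echo "new accounts:";       new_accounts "$dir/baseline.txt" "$dir/current.txt"
    echo "privilege changes:";  privilege_changes "$dir/baseline.txt" "$dir/current.txt"
    rm -rf "$dir"
fi
```

    Run from cron under the DBA's own account against a real snapshot, this catches
    exactly the case Gordon describes: the application account quietly gaining
    SUPER, or a brand-new administrative login appearing. It does not stop root from
    editing the tables directly, which is the thread's whole point; it just makes
    the easy route visible.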

  12. #12

    Re: Secure MySQL connection authentication?

    >>> >i.e. sometimes, you even don't want the root to know the password to
    >>
    >> consider some applications like e-banking system, how they protect your
    >> data from being modified by the `root` account?
    >
    >By encrypting the data and *NOT* storing the key on the computer. Then

    Then you can't use the data except when the key is provided. This
    may be OK for user passwords, but for much other private information,
    the only reason to have it on the system at all is that there's a
    need for it when the user is NOT logged in. For example, the alert
    topics list and the user's email address might be used by the system
    to send an email when something of interest (as specified by the
    user) is posted. Banks need to know customer account balances (e.g.
    when checks clear, to see if the check should bounce). Both the
    store and the user need the user's credit card number when he orders
    something and the order is processed.

    And never forget that more primitive methods, like yanking an ATM
    machine out of the ground with a chain and ing it open with
    explosives, or bribing the employee with the keys, can get around
    sophisticated encryption locks.

    Gordon Guest
