R. Joseph Newton wrote: > [EMAIL PROTECTED] wrote: > >>I'm basically concerned about the security of writing a simple web frontend to SQL >>database, the most important question being: how should I store the database >>password? >>[...] >>There are tens of websites on the server and every database access is done with an >>account having full (sic) access to all of the tables and - if that wasn't enough - >>the password is in the clear in the sourcecode which is all world readable! No >>wonder why the previous admin was fired. > > Although only a slight improvement, it can help to shift the database out of the cgi > directory. On the server I use, the web server runs as part of the group. There > fore if a side directory has chmod 660, the server can access it, but the world can > not. Unfortunately others considered to be part of the same group can also read it.
Thank you Joseph and Motherofperls for your tips, however I need something more than security through obscurity, as this database is going to store our customers personal information (real name and contact information) which is absolutely unacceptable to be stored in such an insecure manner (we cannot risk being sued or loosing our customers and of course I most definitely cannot knowingly introduce such a serious vulnerability being responsible for that website). I cannot depand on attackers not finding the database password which is stored as cleartext in a world-readable file while its path is included in the script source (or even if it wasn't included anywhere, for that matter). Even if it is group-readable for a group which the httpd process belongs to, it is actually not any more secure and only adds one simple step for attacker to access the file with a CGI script by exploiting any script from any website on the server or using any user account which can modify any one of those webites, so I'd say it is basically world-readable on a server where I am not the only one who has a website. What I need is a secure way of doing it and I'd like to know how the experienced Perl developers solve this common problem. It'd be somehow hard to believe that people actually store sensitive data in production environments in such a way which allows full access using the most trivial web attacks and even without any need of attack at all for everyone with a website on this server, even without the shell access. I hope someone who has developed any real production system could answer my question or even just tell me to RTFM while kindly pointing me to the right FM, because to my great surprise I couldn't find anything in perlfaq and any other Perl documentation or books I've read. Thanks a lot. -Zedgar Z. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
