On 13.06.19 at 15:30, Sjon Hortensius wrote:
> FWIW - hiding database passwords (when using PDO) would be possible when
> https://github.com/php/php-src/pull/2684 gets included

I was thinking of a more general approach, as PDO is not the only
place where passwords are transferred. So having a generic Password-VO
that could be used like a password-string for BC but would not show up
in stack-traces - or at least not the cleartext-password - might improve
the security aspect regardless of where the password will be used. Yes,
at one point the cleartext-password needs to be handed over to the VO
and before that it will appear in stack-traces.


I did a userland-implementation but it still requires handing over the
cleartext-password to relevant functions in PHP, and there the stacktrace
can again leak the password. So having such a functionality in the core
would improve things.

Cheers

Andreas
> 
> Cheers,
> Sjon
> 
> On Thu, Jun 13, 2019 at 9:56 AM Andreas Heigl <andr...@heigl.org> wrote:
> 
>> Hey All
>>
>> On 13.06.19 at 09:41, Nikita Popov wrote:
>>> On Thu, Jun 13, 2019 at 9:35 AM Lester Caine <les...@lsces.uk> wrote:
>>>
>>>> Seen in the wild ... company name sanitised
>>>>
>>>> Warning: mysqli::mysqli(): (HY000/2002): No such file or directory in
>>>> /home/888/public_html/system/library/db/mysqli.php on line 7
>>>>
>>>> Fatal error: Uncaught exception 'Exception' with message 'Error: <br
>>>> />Error No: ' in /home/888/public_html/system/library/db/mysqli.php:10
>>>> Stack trace: #0
>>>> /home/888/public_html/system/nitro/core/nitro_db.php(29):
>>>> DB\MySQLi->__construct('localhost', '888_4y65f5...',
>>>> 'J?vJr+j5iCju-bo...', '888_4y65f5...', '3306') #1
>>>> /home/888/public_html/system/nitro/core/nitro_db.php(13):
>>>> NitroDb->__construct('mysqli', 'localhost', '888_4y65f5...',
>>>> 'J?vJr+j5iCju-bo...', '888_4y65f5...', '3306') #2
>>>> /home/888/public_html/system/storage/modification/system/library/db.php(11):
>>>> NitroDb::getInstanceWithParams('mysqli', 'localhost', '888_4y65f5...',
>>>> 'J?vJr+j5iCju-bo...', '888_4y65f5...', '3306') #3
>>>> /home/888/public_html/system/framework.php(36):
>>>> DB->__construct('mysqli', 'localhost', '888_4y65f5...',
>>>> 'J?vJr+j5iCju-bo...', '888_4y65f5...', '3306') #4
>>>> /home/888/public_html/vqmod/vqcache/vq2-system_startup.php(124):
>>>> require_once('/home/888 in
>>>> /home/888/public_html/system/library/db/mysqli.php on line 10
>>>> 你的代码出错了:
>>>>
>>>> I presume something has been updated that they have not been aware of
>>>> since it's library file that triggered the warning ... but it's not the
>>>> first time in recent years I've seen this sort of information on
>>>> commercial sites and while my own clients just get white screens, those
>>>> are created by the likes of Wordpress when 'automatic updates' happen.
>>>>
>>>> Many years ago the response was "well don't update", but 'current
>>>> practice' takes that out of OUR hands! So isn't it time that the
>>>> triggering exceptions like this did produce a more user secure response
>>>> to protect against leaks like this and provide a better alternative than
>>>> a white screen?
>>>>
>>>> In the case of this live site, I actually placed an order as it was only
>>>> some links that triggered the fault, which may explain why they were not
>>>> even aware there was a problem :( From the 'development' side, NitroDb->
>>>> should obviously be handling the problem anyway.
>>>>
>>>
>>> display_errors=Off in production.
>>>
>>
>> While that makes absolute sense perhaps thinking whether there is a way
>> to mark password-parameters in core-functions and hide them in
>> Stack-traces might improve security as that would also hide
>> user-provided credentials in log-files.
>> That would not target userland methods/functions. Though having a
>> Core-Value-object for credentials might even allow *that*
>>
>> Just my 0.02 €
>>
>> Cheers
>>
>> Andreas
>> --
>>                                                               ,,,
>>                                                              (o o)
>> +---------------------------------------------------------ooO-(_)-Ooo-+
>> | Andreas Heigl                                                       |
>> | mailto:andr...@heigl.org                  N 50°22'59.5" E 08°23'58" |
>> | http://andreas.heigl.org                       http://hei.gl/wiFKy7 |
>> +---------------------------------------------------------------------+
>> | http://hei.gl/root-ca                                               |
>> +---------------------------------------------------------------------+
>>
>>
> 

-- 
                                                              ,,,
                                                             (o o)
+---------------------------------------------------------ooO-(_)-Ooo-+
| Andreas Heigl                                                       |
| mailto:andr...@heigl.org                  N 50°22'59.5" E 08°23'58" |
| http://andreas.heigl.org                       http://hei.gl/wiFKy7 |
+---------------------------------------------------------------------+
| http://hei.gl/root-ca                                               |
+---------------------------------------------------------------------+
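As an added illustration of the userland approach Andreas describes (this is example code, not his implementation or anything from php-src): a string-like password value object. PHP renders object arguments in a stack trace as `Object(ClassName)` rather than their contents, so the cleartext only appears where a string is passed; the `connect()` function and the sample credential are constructed for the demo.

```php
<?php
// Added example, not code from the thread: a minimal userland password
// value object. It stays string-like via __toString() for backward
// compatibility, while stack traces render it as Object(Password) and
// __debugInfo() keeps var_dump()/print_r() from showing the cleartext.
final class Password
{
    private $secret;

    public function __construct(string $secret)
    {
        $this->secret = $secret;
    }

    // BC: callers that expect a string still get one on implicit conversion.
    // This is also the one point where the cleartext necessarily reappears.
    public function __toString(): string
    {
        return $this->secret;
    }

    // var_dump() and print_r() show this array instead of the real property.
    public function __debugInfo(): array
    {
        return ['secret' => '***redacted***'];
    }

    // Refuse to be serialized into session files or log records.
    public function __sleep(): array
    {
        throw new LogicException('Password must not be serialized');
    }
}

// Hypothetical connect function standing in for a failing mysqli::__construct().
function connect(string $host, string $user, $password): void
{
    throw new RuntimeException('Error: connection failed');
}

// Constructed sample credential; compare the two traces printed to stdout.
foreach (['correct-horse-battery-staple', new Password('correct-horse-battery-staple')] as $pw) {
    try {
        connect('localhost', 'appuser', $pw);
    } catch (RuntimeException $e) {
        // First trace lists the (truncated) string, second only Object(Password).
        echo $e->getTraceAsString(), PHP_EOL;
    }
}
```

The remaining exposure is the call site that constructs the object from the cleartext; PHP 7.4 later added the `zend.exception_ignore_args` ini setting, which drops argument values from traces altogether for production configurations.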
