Re: protect password?

Richard Lynch wrote:
> > By setting the file readable only by root this problem is
> > completely eliminated. Unless a hacker has the root password,
> > they will not be able to compromise the information in this
> > file.
> >
> > This is how I understand it, at least. If Chris reads this
> > perhaps he can confirm this for me?
>
> If only 'root' can read the file, and PHP can read the file (IE,
> your script still works) then you have HUGE problems, because
> your PHP script, and all of Apache, is running as 'root'...

I think he's referring to the technique described at the end of this article on shared hosting security:

http://shiflett.org/articles/security-corner-mar2004

(Sorry, but I somehow missed the original conversation, so I might be wrong. Apologies in advance if that's the case.)

Apache does actually run as root (that's why it can bind to port 80), but incoming requests are handled by child processes running as nobody. This technique leverages the fact that the parent process can read the file but child processes (potentially running code from other users) cannot.

The sensitive data exists only in the file and in the memory of child processes executing your scripts. This lets you access the data from your PHP scripts (it's in $_SERVER) and puts you more in control of the exposure of it.

Hope that helps.

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
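
The technique the message refers to, sketched as an added example (not code from the original post or the linked article). It assumes the root-only file holds Apache `SetEnv` directives pulled into the server configuration with `Include`; the file path, the variable names `DB_USER`/`DB_PASS`, and both helper functions are assumptions made for illustration.

```php
<?php
// Assumed server-side setup (illustrative path and variable names):
//
//   /etc/apache2/secret-env.conf   owner root:root, mode 0600
//       SetEnv DB_USER "appuser"
//       SetEnv DB_PASS "constructed-sample-password"
//
//   inside this site's <VirtualHost> block in httpd.conf:
//       Include /etc/apache2/secret-env.conf
//
// The root-owned parent parses the file at startup; the unprivileged
// children cannot open it, but they see the values in $_SERVER while
// serving this virtual host.

declare(strict_types=1);

/** Names of injected secrets; anything listed here is masked in dumps. */
const SECRET_KEYS = ['DB_USER', 'DB_PASS'];

/** Return the injected credentials, failing closed if any are missing. */
function db_credentials(array $server): array
{
    $creds = [];
    foreach (SECRET_KEYS as $key) {
        if (!isset($server[$key]) || !is_string($server[$key]) || $server[$key] === '') {
            // Do not fall back to defaults or a world-readable config file.
            throw new RuntimeException("Missing server variable: $key");
        }
        $creds[$key] = $server[$key];
    }
    return $creds;
}

/** Copy of $_SERVER safe for debug output: secret values are masked. */
function server_for_logging(array $server): array
{
    foreach (SECRET_KEYS as $key) {
        if (array_key_exists($key, $server)) {
            $server[$key] = '[redacted]';
        }
    }
    return $server;
}

// Constructed sample standing in for $_SERVER so the file runs from the CLI.
$sample = ['SERVER_NAME' => 'example.test', 'DB_USER' => 'appuser', 'DB_PASS' => 'constructed-sample-password'];
$creds = db_credentials($sample);
echo "connecting as {$creds['DB_USER']}\n";
print_r(server_for_logging($sample));
```

Because the values live in `$_SERVER`, a `phpinfo()` call or a raw `print_r($_SERVER)` in that virtual host would display them, which is why the sketch masks them before any debug output.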
