On Tue, October 3, 2006 1:51 pm, Google Kreme wrote:
> And yeah, a key is better, but I've not gotten that far.

Not really better...

See, whatever you do in that general vein of thought, your PHP script ends up needing to get the file. So whatever is in your PHP script is readable, just as your password used to be readable. So now the Bad Guy only has to read *that* to see/find/use the key, and...

It's so much not a real barrier that I propose it provides more of a false sense of security than actual security.

Now, if you want to talk about putting it in a root-read-only file that gets loaded by Apache at startup, you're going somewhere -- though you still have the risk that somebody could all too easily expose it accidentally by dumping out $_ENV...

There are risks any which way you do this, but, imho, a php-writable and readable file with your mysql password going into it, being authored by somebody who's having trouble writing a simple text file, is a clear indication of likely high risk...

A php-readable file outside the webtree at least limits risk to users on the same machine -- and so machine access provides an authentication barrier. Not claiming that's insurmountable, mind you, but it's a real, actual barrier of a significantly different nature than just reading yet another PHP/text file to find the key that reads the other-other PHP/text file.

In other words, if they are already reading ONE php file to snarf your mysql password, reading TWO php files to read your key to read your mysql password is not exactly a big leap in skill/technology/security.

Breaking into your server *AND* reading your php source to get your mysql password... Well, hell, if they've already broken into your webserver, you've got Big Trouble right there that potentially dwarfs the mysql password issue...

Maybe not. Maybe your webserver has not much on it, but the mysql db has all kinds of double-secret stuff...
Still, 2 radically different "locks" are better than 2 locks with essentially the same "key", no matter what it is you are trying to secure.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
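The "php-readable file outside the webtree" option the reply above argues for, as an added example that is not part of the original post or the thread. It loads the MySQL password from a file that must sit outside DocumentRoot, must carry no group/other permission bits, and must not be writable by the PHP user, then connects without ever putting the password into $_ENV, $_SERVER or a global (the same exposure the reply warns about for the Apache-startup/$_ENV approach, since anything in the environment also shows up in phpinfo()). The paths /etc/myapp/db.conf and /var/www/html, the key=value file format and the DbCredentialsError class are assumptions for the example, not anything from the post.

```php
<?php
// Added example (not from the original post or the list thread): load MySQL
// credentials from a file kept OUTSIDE the web tree and refuse to start if the
// file is badly placed or badly permissioned.
//
// Assumed, hypothetical layout: /etc/myapp/db.conf, mode 0400, owned by the
// account PHP runs as; Apache DocumentRoot /var/www/html. Adjust to taste.

declare(strict_types=1);

final class DbCredentialsError extends RuntimeException {}

/**
 * Parse key=value lines ('#' comments allowed) from $path after checking the
 * file's location and permissions. A hand-rolled parser is used instead of
 * parse_ini_file() so a password containing ';', '"' or '=' survives intact.
 */
function load_db_credentials(string $path, string $docRoot): array
{
    $real = realpath($path);
    if ($real === false || !is_file($real)) {
        throw new DbCredentialsError("credentials file not found: $path");
    }

    // 1. Must not live anywhere under the document root: a .conf inside the
    //    web tree is one misconfigured handler away from being served as text.
    $root = realpath($docRoot);
    if ($root === false) {
        throw new DbCredentialsError("document root not found: $docRoot");
    }
    $root = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($real, $root, strlen($root)) === 0) {
        throw new DbCredentialsError("refusing credentials file inside web tree: $real");
    }

    // 2. No group/other bits at all: only the owner may read it, which limits
    //    exposure to whoever can already run code as that user on this box.
    $mode = fileperms($real) & 0777;
    if (($mode & 0077) !== 0) {
        throw new DbCredentialsError(sprintf(
            'credentials file %s is mode %04o; expected 0400 or 0600', $real, $mode));
    }

    // 3. PHP must never be able to rewrite its own database password
    //    (the "php-writable" case the reply flags as high risk).
    if (is_writable($real)) {
        throw new DbCredentialsError("credentials file is writable by the PHP user: $real");
    }

    $creds = [];
    foreach (file($real, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {
        $line = rtrim($line, "\r\n");
        $t = trim($line);
        if ($t === '' || $t[0] === '#') {
            continue;
        }
        $eq = strpos($line, '=');
        if ($eq === false) {
            throw new DbCredentialsError("malformed line in $real (expected key=value)");
        }
        // Key is trimmed; the value is taken verbatim so passwords keep their spaces.
        $creds[trim(substr($line, 0, $eq))] = substr($line, $eq + 1);
    }

    foreach (['host', 'user', 'password', 'dbname'] as $required) {
        if (!isset($creds[$required])) {
            throw new DbCredentialsError("missing '$required' in $real");
        }
    }
    return $creds;
}

/** Connect using the loaded credentials and discard them right after. */
function connect_db(string $path, string $docRoot): mysqli
{
    $c = load_db_credentials($path, $docRoot);
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $db = new mysqli($c['host'], $c['user'], $c['password'], $c['dbname']);
    // The password only ever lived in a local variable: nothing in $_ENV,
    // $_SERVER or a global for a stray var_dump() or phpinfo() to print.
    unset($c);
    return $db;
}

// Usage (assumed paths):
// $db = connect_db('/etc/myapp/db.conf', $_SERVER['DOCUMENT_ROOT']);
```

The permission and location checks are deliberately fatal rather than warnings: a credentials file that fails them is exactly the "yet another readable text file" the reply describes, and it is better for the application to refuse to start than to run with it. If you go the Apache-startup/SetEnv route instead, the same caution applies in reverse: keep phpinfo() and any $_ENV/$_SERVER dumps out of reachable code.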