Topic: Better security on stored passwords.

Well there is a problem with having a config.php, that I know how to solve, but I guess I should tell everyone.

If you have a config.php with passwords for the sql database, the novice user may have a login to it that is accessible from the outside. (If you have, I suggest you first fix this! smile)
If they have, and someone would like to make that person's life a bit miserable, they just need to crash php, and look at the config.php, where all info is in clear text.

One way one can solve this is by having a directory that php can access, but not the browser. (I have mine one step below where the page is, as an example). And in the config.php file add:
include "../secretdirectory/passwords.php";
and then move all the other stuff into that file instead. This way if someone crashes php, they still cannot get their hands on the mysql passwords, or other delicate info.

Another way is to have no read privileges on files called .inc or something, and keep the file in the same directory, but instead of the include above, have this:
include "passwords.inc";
You can then store this file in the same directory as the punBB, but knowing that your password is safe.
You will need to add some stuff in your browser configurations to get this to work. I use Apache2 and thus write:
<Files ~ "\.inc$">
    Order allow,deny
    Deny from all
</Files>
just below where they have the restrictions about .ht files. (easier to have everything in one place). And I use a couple of .inc files ...

Don't know if this really is a feature request, but perhaps one would have the option to place the info in a certain file, and move it to wherever one likes, and the config.php would just be a link to it?

/Frank H
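
The "include from a directory the browser cannot reach" approach described above, as an added example that is not from the original post or from punBB: a config.php that pulls the database credentials from a file one level above the document root and refuses to start if that file turns out to be web-reachable. The directory layout and the variable names `$db_host`, `$db_username`, `$db_password` and `$db_name` are assumptions for this example.

```php
<?php
// Added example, not punBB code. Assumed (hypothetical) layout:
//   /var/www/html/forum/config.php           <- this file, inside DOCUMENT_ROOT
//   /var/www/secretdirectory/passwords.php   <- credentials, one level above
//
// passwords.php is expected to contain only assignments such as:
//   <?php
//   $db_host     = 'localhost';
//   $db_username = 'forumuser';
//   $db_password = 'REPLACE-ME';   // constructed placeholder
//   $db_name     = 'forum';
$credentials_file = __DIR__ . '/../secretdirectory/passwords.php';

// Resolve symlinks and "..", and make sure PHP can actually read the file.
$real = realpath($credentials_file);
if ($real === false || !is_readable($real)) {
    die('Database credentials file is missing or unreadable.');
}

// Sanity check: the credentials file must not sit under the document root.
// If it did, a failure that makes the server hand out raw PHP source would
// expose the password, which is exactly what moving the file is meant to avoid.
$docroot = isset($_SERVER['DOCUMENT_ROOT'])
    ? realpath($_SERVER['DOCUMENT_ROOT'])
    : false;
if ($docroot !== false && strpos($real, rtrim($docroot, '/') . '/') === 0) {
    die('Refusing to load database credentials from inside the document root.');
}

// Pull the credentials into this scope (same effect as the include above).
require $real;

// Fail early with a clear message if the file did not define what we need,
// instead of attempting a database connection with empty values.
foreach (['db_host', 'db_username', 'db_password', 'db_name'] as $var) {
    if (empty($$var)) {
        die("Credentials file did not define \$$var.");
    }
}
```

The document-root check is a safety net only; the file's permissions and location outside the web root are what actually keep it away from the browser.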

Re: Better security on stored passwords.

You are absolutely right, but as you noted yourself I don't think it's a "feature" and I don't believe that I can implement it in any sane way. The users that have the skills to actually make the necessary changes to httpd.conf (or use .htaccess) also have the skills to modify their config.php to include a file from a protected directory or something similar. Having two different methods of storing the database password seems like something that would cause more problems than it would solve.

Also, actually crashing PHP isn't _that_ easy since you can only run the scripts that the "target server" is serving. Or is it easy? I've never managed to do it by mistake anyway :-)

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Better security on stored passwords.

Well perhaps not that easy, but probably not completely impossible.

Well for me it's not a problem, but I guess people should be aware of this possibility. And if they have the knowledge, to put their passwords somewhere safe. smile

Re: Better security on stored passwords.

You are right about the fact that people should be aware of the "problem", but it's more a general administrative precaution than it is a scripting issue. All PHP scripts that store passwords in their scripts are vulnerable to this sort of attack. I'm not sure what I can do to improve on the situation.

Re: Better security on stored passwords.

Perhaps you can write something about it in some readme file