在哪里以及如何存储PHP可用的MySQL密码
[英]Where and how to store MySQL passwords available to PHP
问题描述
I am using PHP with a singleton PDO to access the database, and it it obviously need MySQL's username and password. 
我使用PHP和单例PDO来访问数据库,它显然需要MySQL的用户名和密码。
As we all should know, the username and password should not be stored in a public directory. 众所周知,用户名和密码不应存储在公共目录中。
I can therefore do something like require 'some_path/my_secrets.php'; 因此,我可以做类似require 'some_path/my_secrets.php'; which sets a bunch of variables, but then these variables are defined potentially globally which is not a good idea (granted, not globally when using a singleton, but still). 它设置了一堆变量,但随后可能在全局范围内定义这些变量,这不是一个好主意(允许的,使用单例时不是全局的,但仍然如此)。 Okay, I can only require the secret file within some function, but that is a lot to remember... 好的,我只能在某个函数中需要秘密文件,但是要记住的很多...
Is there a better way to make private data available to the PHP script? 有没有更好的方法可将私有数据提供给PHP脚本? Also, any other steps I should be taking? 另外,我应该采取其他步骤吗? Thank you 谢谢
4 个解决方案
解决方案1
1 2013-02-23 15:14:16
I had the same problem and initially 我有同样的问题,最初
- DB passwords were stored in an include file within the
includesdirectory (ie to prevent a incidental PHP code display directly from the web files)DB密码存储在包含目录内的includes文件中(即,防止直接从Web文件中显示偶然的PHP代码)
then came another idea, a bit more complex but still pretty doable 然后又有了另一个想法,虽然有点复杂但仍然可行
- Make a C program that owns the DB data encoded and delivers the data from a system call. 制作一个C程序,该程序拥有已编码的DB数据,并从系统调用中传递数据。 The source code (that includes the encoded passwords) is owned somewhere safe. 源代码(包括编码的密码)在安全的地方拥有。 The C code has to perform some checks to ensure the call is made from PHP etc... C代码必须执行一些检查,以确保从PHP等进行调用。
but this is pretty expensive - C is fast, but loading all the time the passwords through system is expensive. 但这非常昂贵-C速度很快,但始终通过系统加载密码非常昂贵。 Therefore adding APC to the game makes the whole thing easier and faster 因此,在游戏中添加APC可以使整个过程变得更加轻松快捷
- during the first request, load the DB data into APC permanent variables - thus the data is in memory and more difficult to obtain from outside. 在第一个请求期间,将DB数据加载到APC永久变量中-这样数据就在内存中,并且很难从外部获取。 Typically the algorithm is 通常,算法是
algo 算法
Check if APC variables are set
If yes use them
If no load them from C program, only once
- Another idea, using
php-fpmfor instance is to set an environment variable within the fpm configuration (readable only by root ) that contains the passwords例如,使用php-fpm另一个想法是在fpm配置中设置一个环境变量(只能由root读取),其中包含密码
Finally, you could also create your own PHP extension that provides the data from the C code (extensions are usually written in C). 最后,您还可以创建自己的PHP扩展,以提供来自C代码的数据(扩展通常以C编写)。 This is some extension documentation . 这是一些扩展文档 。
This is not the definitive answer in how to prevent passwords stealing, but at least it would make more difficult for the hacker to determine the passwords - and would require also more knowledge. 这不是如何防止密码被窃取的最终答案,但是至少这将使黑客更难确定密码-并且还需要更多的知识。
解决方案2
1 2013-02-23 15:20:40
Most systems I know have a .htaccess protected include file. 我知道的大多数系统都有.htaccess保护的包含文件。 Inside you define a config array and done. 在内部定义一个配置数组并完成。 Maybe not the most secure way of doing it but that is many shops, CRMs and other web services do it. 也许这不是最安全的方法,但是许多商店,CRM和其他Web服务都可以这样做。
解决方案3
0 2013-02-23 15:46:07
First off, I would say, unless your PHP app needs it, restrict the permissions of the app's database account as much as possible (eg: read access on appropriate tables, perhaps write access as few as possible). 首先,我要说的是,除非您的PHP应用程序需要它,否则应尽可能限制该应用程序的数据库帐户的权限(例如:对适当表的读取访问,或者尽可能少的写入访问)。 If your app needs admin access to create tables, etc., that's a whole 'nother can of worms. 如果您的应用需要管理员访问权限才能创建表等,那么这完全是蠕虫的“另一罐”。
Secondly, as ring0 suggests, don't store the database password in plain text. 其次,如ring0所建议的,不要以纯文本形式存储数据库密码。 I would recommend using a hashing API to store a hash of your password, such as this: https://gist.github.com/nikic/3707231 . 我建议使用哈希API存储您的密码哈希,例如: https : //gist.github.com/nikic/3707231 。 And of course, the hash might be best stored in some other 3rd place (at least a separate file). 当然,最好将散列存储在其他第3位(至少是一个单独的文件)。 If your users are trustworthy, and you can figure out a way, you could have the hash be computed from the user's log-in information, but that might require separate entries in your password file for each user (because each hashed DB password will be different). 如果您的用户是值得信赖的,并且可以找到一种方法,则可以根据用户的登录信息来计算哈希值,但这可能需要在每个用户的密码文件中单独输入(因为每个哈希DB密码都是不同)。
There is never a foolproof way, and I'm not a security expert, but I know plain text is always bad for storing passwords, so I think this is a step in the right direction. 从来没有一种万无一失的方法,而且我不是安全专家,但是我知道纯文本总是不利于存储密码,因此我认为这是朝正确方向迈出的一步。
解决方案4
0 已采纳 2013-02-23 17:21:55
Your solution is fine. 您的解决方案很好。
Most of the suggested solutions are just exaggerated as although they may higher the level of security a bit they are not worth the additional effort. 大多数建议的解决方案只是被夸大了,尽管它们可能会提高安全级别一点,但不值得您付出额外的努力。
Because the security should not only rely on the secrecy of the password. 因为安全性不仅应依赖密码的保密性。 At best, even if the password get's revealed, its knowledge is worthless for an attacker as he cannot use it. 充其量,即使密码被泄露,对于攻击者来说,由于无法使用它,它的知识也毫无价值。
This means, use a MySQL user dedicated to your application with permissions following the principle of least privilege and only allow the access to the database from that application's web server (see MySQL Access Privilege System ). 这意味着,使用遵循最低特权原则的权限的专用于您的应用程序的MySQL用户,并且仅允许从该应用程序的Web服务器访问数据库(请参阅MySQL访问权限系统 )。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.