Hi everyone!
Recently, I wrote an authentication script in PHP, using a MySQL database and PHP sessions.
The authentication part works OK. I use a MySQL user which has read-only privileges within the MySQL database, so no password is needed... even if anyone finds out that username, he/she cannot really harm the database (other than, of course, reading it, which is bad enough).
Along with the authentication script, I also wrote a back-office to insert/remove/edit users that are allowed to see the protected pages. The back-office has to work with a full-privileged (not really full, but able to insert, delete, update the database) user, which obviously has a password.
My problem starts here:
That username+password is stored in a file that I need to hide. How can I do that? It is an empty file in terms of PHP code (if you run it in a browser, the result is a blank screen (not blue...)), but if anyone writes a program to read the file, it becomes completely uncovered. How can I hide the damn file???
Second problem:
I would like to set up MySQL in a way that when a user logs in to the server and runs a 'show databases' command, he/she sees only the databases that the user is allowed to read. I know that this can be done by setting a MySQL variable (like safe-show-database) in /etc/my.cnf, but it doesn't work. Is this because the MySQL manual refers to MySQL 4.0 and I am using MySQL 3.23?
(I know this last question is not really related to the topic, but it relates to the previous one in a way...)
Thanks!