0

Lets suppose we have a virtual www host in a cloud. We cannot install anything and cannot create new users. This host has MySQL and PHP/ASP/JSP pointed to some www_root_dir. We have all privileges to MySQL and can write to www_root_dir.

The database contains table "Companies" with N companies inside. We want to create N admins - each to a corresponding company. We cannot create them as database users, since each one has then full access to a table and can peek/modify other companies, which we try to restrict. So, we create a single database Manager account and a PHP/ASP/JSP Authorizer class that will approve or deny SQL requests from N admins and fetch requested information via Manager account.

The question is: how our Authorizer can authenticate itself by database? In the case of "with Manager account login/password" then Authorizer class needs to store this password somewhere. Where exactly? If within an encrypted file then the only file storage is the www_root_dir directory that is publicly available to anyone. So anyone can download this file and bruteforce it offline.

Any ideas?

Dr. Andrey Belkin
  • 795
  • 1
  • 9
  • 28
  • Store the application user authentication details in your database. – Shadow Jan 06 '21 at 09:27
  • @Shadow then my Authorize cannot connect to database at all, because its login/pw is stored in database and unknown to Authorizer :D – Dr. Andrey Belkin Jan 06 '21 at 09:36
  • Why it is closed? The proposed duplicate IS NOT the same. It is an absolutely different question. – Dr. Andrey Belkin Jan 06 '21 at 09:41
  • Well, your question is not particularly clear. If your concern is storing the database user name and password, then see the update duplicate link. – Shadow Jan 06 '21 at 09:43
  • @Shadow my question is "Where to store database Manager account credentials on the PHP side?" – Dr. Andrey Belkin Jan 06 '21 at 09:44
  • @Shadow if you do all according the falsely provided link, then the database takes over the authorization. In this case, user 1 will have access to the whole table Companies, user 2 will have access to the whole tables Companies, etc. So each user can peek/modify stranger companies (even competitors), which we try to forbid (it is mentioned in my question). So we create only 1 database account and check rights for SQL requests in PHP/ASP/JSP. So, where this PHP/ASP/JSP will store database account password? – Dr. Andrey Belkin Jan 06 '21 at 09:56
  • This 2nd question was answered by the first duplicate link I gave you and that you so much protested that it does not answer your question! Here you go again: https://stackoverflow.com/questions/17475805/application-user-database-user – Shadow Jan 06 '21 at 10:00
  • @Shadow aha, there is another link, thank you :) It is much much more closer. There is one small problem: the accepted answer is: create config file and let your system admin to protect it. Well, actually, I am the developer AND the system admin. And i do not know what to do :D – Dr. Andrey Belkin Jan 06 '21 at 10:03
  • Since you have a single database user, you cannot segregate access on database level, only on application level. If this design is not secure for you, then you need to switch to a different hosting provider that allows you to create multiple database users. – Shadow Jan 06 '21 at 10:04
  • @Shadow I am fully satisfied with App level access management via single database user. Question is: how App stores credentials for this single db user? Your provided link says: "save credentials to file and give your system admin to secure this file". Well, I did and now I am the system admin. And I have no idea how to secure this file with the www_root_dir that is publicly available to anyone. – Dr. Andrey Belkin Jan 06 '21 at 10:16
  • 1
    Pls do not only read the accepted answer, but other answers as well. Pls also bear in mind that SO is a programming QA site, so questions on configuring servers are off topic here. Serverfault sister site of SO is a place for such questions. – Shadow Jan 06 '21 at 10:38
  • `I have no idea how to secure this file with the www_root_dir that is publicly available to anyone`...don't put it in a public folder. Put it elsewhere on the server which is not part of the website root, in a folder which only the sysadmin and the webserver's OS user account has access to. Most web hosts have at least one folder you can use which is outside the web root. If they don't, consider using a less crappy webhost. Or if the server is Apache, you can also use htaccess settings to deny the ability to download it - this is mentioned in one of the other answers in the duplicate. – ADyson Jan 06 '21 at 10:52
  • @Shadow that's why I am asking in my question - "any other ideas"? because putting in public folder for public download is not even configuring server but a fatal mistake. – Dr. Andrey Belkin Jan 06 '21 at 11:40
  • @ADyson as stated in question: no other folder available. It is on virtual host in cloud. – Dr. Andrey Belkin Jan 06 '21 at 11:40
  • 1
    Well that's a pretty poor setup from the hosting company. Personally I would be looking for another host. But you can try the htaccess solution as I mentioned above. – ADyson Jan 06 '21 at 11:42
  • 1
    What exactly is that "PHP/ASP/JSP Authorizer class"? If you cannot "install" anything on your server, what's the use of that server? Usually, you can upload files there (which could count as "install an application") – Nico Haase Jan 06 '21 at 21:26
  • @NicoHaase I can only upload to www_root_dir folder over SFTP (as mentioned in my description). Otherwise, no SSH, no shell, ... PHP/ASP/JSP Authorizer class - is my class written in any of mentioned technologies (PHP, ASP, JSP) in order to provide App level authorization. – Dr. Andrey Belkin Jan 07 '21 at 14:32
  • 1
    No SSH connection? Cancel that contract, get on a better one. Especially if this is not a hobby project. – Nico Haase Jan 07 '21 at 14:45
  • Does the host really support all PHP, ASP & JSP applications in the same environment? That's very unusual and somewhat surprising. That would be quite an achievement. A shame it appears to be let down by the hopeless filesystem and shell access. – ADyson Jan 07 '21 at 14:47

0 Answers0