
Is there a unix service, or at least one I could cobble together, for storing a plaintext password for a PHP web application?

In composing this question, I found that C# provides a service for storing passwords in an encrypted format.

I have to store plain-text passwords because the application is connecting to various ftp servers. Not all of these servers are configured to use public keys. The two vectors I'm looking to protect against are database dumps and someone getting the plaintext password from a file on the filesystem.

I was wondering if there is some way that the server OS itself can store an encrypted string for the user that the app is running under -- apache, www-data or whomever. I understand that such a system is still vulnerable to someone getting the access to those accounts, or uploading malicious PHP scripts, but I feel that with our current practices, those are acceptable risks. I am just looking not to store the plaintext password in the db or on the filesystem.

  • And where did you think the system stored the password? – Ignacio Vazquez-Abrams Mar 27 '12 at 17:41
  • I don't understand the question -- which password are you talking about? Shell account password hashes are stored in /etc/shadow, but I can't log into a remote server with a hash :( – user151841 Mar 27 '12 at 17:52
  • "I am just looking not to store the plaintext password in the db or on the filesystem." The system stores the password in a database or on the filesystem. You have gained nothing. – Ignacio Vazquez-Abrams Mar 27 '12 at 17:54
  • I'm looking to store a reversibly encrypted password in the db or filesystem, and one that can only be decrypted by having access to the shell account that the web service runs under. I understand this is not bullet-proof security. I just don't want a password leaking out from a db dump or a filesystem backup. – user151841 Mar 27 '12 at 18:07
  • Does this question help? http://stackoverflow.com/questions/6038798/store-passwords-required-by-a-linux-daemon – MV. Jun 28 '12 at 01:18
  • @MV that does help -- but then how do I give the apache process running under the apache user access to that file owned by root? Through group perms? – user151841 Jun 28 '12 at 16:43
  • In that question the daemon was running as root, so it makes sense the file should be owned by root. In this case, you can change ownership of the file to root:apache and give group read-only access, or you can use apache:apache and then remove all access to group and world. – MV. Jun 28 '12 at 21:29
  • Also check: http://uranus.chrysocome.net/linux/php/passwords.htm an Apache module which reads a root owned configuration file (on start) with the passwords and the locations of the allowed PHP scripts, then it provides them to the web applications if they are at the allowed location. (The module looks old, I don't know if it will work with current Apache versions). – MV. Jul 07 '13 at 08:21

1 Answer


From your question I assume you are using Apache. The Apache config files should only be readable by root, so any information stored here should be pretty safe. If someone gets root access they probably would be able to extract the password somehow anyway.

You can use Apache's SetEnv to set an environment variable:

SetEnv mySQL_PASS somePassword

This will be available for PHP using the $_SERVER superglobal.

echo $_SERVER['mySQL_PASS'];
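The SetEnv approach from the answer, carried through on the PHP side as an added example (not code from the answer or from any project). It assumes a mod_php vhost whose root-owned config sets FTP_HOST, FTP_USER and FTP_PASS; those variable names are assumptions for this example. The script fails closed when the credential is missing and drops it from $_SERVER before connecting, so a later debug dump of $_SERVER cannot echo it to a browser.

```php
<?php
// Added example. Assumes the root-owned Apache config contains, for example:
//   <VirtualHost *:80>
//       SetEnv FTP_HOST ftp.example.internal
//       SetEnv FTP_USER uploader
//       SetEnv FTP_PASS somePassword
//   </VirtualHost>
// FTP_HOST / FTP_USER / FTP_PASS are names chosen for this example.

declare(strict_types=1);

/**
 * Take a value that Apache injected via SetEnv and remove it from $_SERVER.
 * Removing it limits exposure through phpinfo() or var_dump($_SERVER) on an
 * error page; note that under mod_php getenv($name) can still return it,
 * so this narrows, rather than eliminates, the window.
 */
function takeServerCredential(string $name): string
{
    if (!isset($_SERVER[$name]) || $_SERVER[$name] === '') {
        // Fail closed: never fall back to a default or an empty password.
        throw new RuntimeException("Credential $name was not provided by the web server config");
    }
    $value = (string) $_SERVER[$name];
    unset($_SERVER[$name]);
    return $value;
}

/**
 * Open and authenticate an FTP session using only credentials supplied by
 * the web server. Returns the connection on success, throws on any failure.
 * Untyped return so it works on PHP < 8.1 (resource) and >= 8.1 (FTP\Connection).
 */
function connectFtpFromServerConfig()
{
    $host = takeServerCredential('FTP_HOST');
    $user = takeServerCredential('FTP_USER');
    $pass = takeServerCredential('FTP_PASS');

    $conn = ftp_connect($host, 21, 10);
    if ($conn === false) {
        throw new RuntimeException("Could not reach FTP host $host");
    }
    // Suppress the warning so a failed login does not print credentials context.
    if (!@ftp_login($conn, $user, $pass)) {
        ftp_close($conn);
        throw new RuntimeException("FTP login failed for user $user on $host");
    }
    $pass = null; // drop the local copy as soon as it is no longer needed
    return $conn;
}
```

The password still lives in the Apache config on disk, readable by root; this only keeps it out of the database and out of world-readable application files, as the question asked.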