Re: [PHP] hiding passwd in cmdlines that appear in the process list

Hi !.

I don't know if my solution is better or not. but in one of my programs i
had to make a backup online then my solution was to use shell vars to put
important information like db_password . When we use putenv function those
var only exists on the current shell and on its subshells. In your case the
following code :

<?php
putenv("DBNAME=".DB_NAME);
putenv("DBUSER=".DB_USER);
putenv("DBPASSWD=".DB_PASSWD);

system('mysql -h localhost --user=$DBUSER --password=$DBPASSWD -D $DBNAME
< "/my/import/script.sql" 2>&1');

?>

On 11/30/06, Jochem Maas <jochem@xxxxxxxxxxxxx> wrote:

Richard Lynch wrote:
> Don't use exec. ;-v

yeah - which is annoying because outside of php/exec() using the `cat
/path/2/myqyl/passwd`
trick works (i.e. ps doesn't give the passwd away)

thanks to everyone for there input - I have plenty to read/think about,
I send something back to the list when i have decided upon and tested a
working solutions

thanks everyone!

>
> Or, perhaps, write a shell script that reads the password and provides
> it to MySQL somehow without invoking another exec of some kind.
>
> You also could look into other MySQL authentication mechanisms such as
> SSL keys and whatnot -- which I only vaguely recall seeing somewhere
> in the MySQL docs.
>
> That might still end up with a PHP/world readable file that has a
> private key in it, but at least it requires the Bad Guy to take one
> more step to read said file.
>
> On Wed, November 29, 2006 6:10 am, Jochem Maas wrote:
>> I have been using exec() for a number of things recently - one of the
>> things
>> I'm using it for it to run mysql in order to import SQL scripts
>>
>> so I have some code that looks like:
>>
>> // build the cmdline
>> $cmd = sprintf('mysql -h %s --user=%s --password=`cat %s` -D %s <
>> "%s" 2>&1',
>> MYSQL_SERVER, MYSQL_ROOT_USER, $rootPasswdFile,
>> $data['db_name']['value'], $file);
>>
>> // run the mysql command via the cmdline
>> $output = array(); $exit = 0;
>> @exec($cmd, $output, $exit);
>>
>> everything works. but there is a security issue - one that I thought I
>> had
>> specifically tackled.
>>
>> the security issue occurs due to the fact that the process list (this
>> is
>> just linux I'm talking about) will show the complete command line,
>> which in
>> my case would look something like (in the processlist):
>>
>>
>> mysql -h localhost --user=admin --password=`cat
>> /my/sql/root/passwd/file` -D somedb < "/my/import/script.sql" 2>&1
>>
>>
>> AH I hear you say but the wily use of "`cat /my/sql/root/passwd/file`"
>> masks the actual
>> password from any looking in the process list. indeed undeer normal
>> shell scripting circumstances
>> that may have been true.
>>
>> BUT in using php's exec() to run the cmdline causes the following to
>> show up in the processlist:
>>
>>
>> sh -c mysql -h localhost --user=admin --password=`cat
>> /my/sql/root/passwd/file` -D somedb < "/my/import/script.sql" 2>&1
>>
>>
>> AND that [sub]shell then lists it's process[s] in the list also, there
>> is only one
>> and it is this:
>>
>>
>> mysql -h localhost --user=admin --password=MYFINGPWD -D somedb
>>
>>
>> does anyone have an idea how to over come this security issue (without
>> resorting to having to
>> type in the mysql admin passwd interactively!)
>>
>> thanks & regards,
>> Jochem
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Relevant Pages

  • RE: [PHP] hiding passwd in cmdlines that appear in the process list
    ... Would it be possible, Jochem, to just make a shell script that does the call to mysql and have PHP exec() the shell script? ... // run the mysql command via the cmdline ...
    (php.general)
  • Re: [PHP] hiding passwd in cmdlines that appear in the process list
    ... Or, perhaps, write a shell script that reads the password and provides ... You also could look into other MySQL authentication mechanisms such as ... // run the mysql command via the cmdline ... but there is a security issue - one that I thought I ...
    (php.general)
  • hiding passwd in cmdlines that appear in the process list
    ... I'm using it for it to run mysql in order to import SQL scripts ... // run the mysql command via the cmdline ... the security issue occurs due to the fact that the process list (this is ... BUT in using php's exec() to run the cmdline causes the following to show up in the processlist: ...
    (php.general)
  • Re: [PHP] hiding passwd in cmdlines that appear in the process list
    ... Don't use exec. ... Or, perhaps, write a shell script that reads the password and provides ... You also could look into other MySQL authentication mechanisms such as ... but there is a security issue - one that I thought I ...
    (php.general)
  • Re: Allot Netenforcer problems, GNU TAR flaw
    ... Allot has addressed all security problems mentioned in the ... SSH port forwarding was disabled. ... port forwarding in SSH daemon configuration. ... Problem number 2 (MySQL access) is also fixed by disabling ...
    (Bugtraq)