比将mysql密码以纯文本格式存储在配置文件中更好的方法?
令我感到困扰的是,许多PHP程序要求用户将mysql密码以纯文本(字符串或常量)存储在应用程序根目录下的配置文件中.
It's always bothered me that many PHP programs require the user to store the mysql password in plain text (in a string or constant) in a configuration file in the application's root.
这些年来,有没有更好的方法呢?
Is there any better approach to this after all these years?
到目前为止,我提出了两个最小的安全性增强措施:
So far I have come up with two minimal security boosts:
-
使用.htaccess中的规则通过网络使文件不可读 (以防php失败或存在读取php源代码的安全漏洞)
make the file unreadable via the web using rules in .htaccess (in case php fails or there's a security vulnerability to read php source)
在建立数据库连接后销毁内存中的密码(未设置) (以防止由于安全漏洞,注入等导致字符串转储)
destroy the password in memory after the db connect is made (unset) (to prevent string dumps from a security breach, injection, etc.)
但是,当然,这些解决方案都不能解决原始问题.
but of course neither of those solve the original problem.
感谢其他任何想法!
由于您的代码将需要密码,因此没有完美的安全性.但是您很难恢复.
Since your code will need the password there is no perfect security. But you can make it hard to recover.
我在我的Web配置中放入了一些哈希,作为环境变量,例如MYSQL_PASS_HASH
I put some hash in my web config, as an environment variable, say MYSQL_PASS_HASH
然后我做类似md5(getenv('MYSQL_PASS_HASH').'gibberish$qwefsdf')的操作,然后输入密码.如果您偏执,当然应该在unsetenv之后.
Then I do something like md5(getenv('MYSQL_PASS_HASH').'gibberish$qwefsdf') which is then the password. Of course you should unsetenv after that if you're paranoid.
您的密码实际上不会存储在某个地方,只有当有人同时拥有您的Web配置和您的数据库包括时,才能恢复该密码.
Your password will not literally be stored somewhere, and it can be recovered only when someone has both you web config and your database include.
这发生在webroot之外的文件中(不要完全信任.htaccess).
This happens in a file outside of the webroot (don't put all your trust in .htaccess).