[libdb-develop] Installation: Storing the DB Password, Thoughts
From: Morbus I. <mo...@di...> - 2004-02-06 22:35:34
Hey all. LibDB needs to save your database password, in plain text, to a file on your server. Currently, it saves this into a file called ".htlibdb", which is in the root of your libdb/ directory. That name was chosen for one reason: under the Apache webserver, any file that starts with ".ht" is never served via the web. In other words, no one would ever be able to retrieve your database password, unless Apache had been grossly misconfigured.

A major problem with this has been brought to my attention:

* the starting "." causes the file to be hidden in most file listings (OS X hides them in the Finder, some FTP clients do not show dot files by default, etc.). The problem: if the installer can't set the permissions of the file itself, the user has to. If the user can't *find* the file because it's being hidden by their software, neither will they.

In Movable Type, the solution is to use a publicly accessible file that is shortcircuited to break. The file, "mt-db-pass.cgi", merely contains one word: the password. However, because it's named .cgi, the assumption is that:

* Apache will try to execute the file if you're in a /cgi-bin/.
* The file is set executable anyways, and fails with a parse error.

These both "shortcircuit" the file to cause it to "break", never revealing the password. The downside is that a broken CGI conf *could* cause the file to be readable. Breaking the CGI conf is a lot easier than breaking the .ht configuration.

The other downside of .htlibdb is that, as far as I know, other webservers MAY NOT follow the same procedure: they may have no problem with serving .ht files to the web, at large.

So. ".htlibdb" or "settings.cgi": which do you prefer, which is the lesser of two evils? On one hand (.htlibdb), we've got more security, but less user-friendliness. On the other (settings.cfg), the file will be easier to find, but potentially easier to view.

Thoughts?
--
Morbus Iff ( i put the demon back in codemonkey )
Culture: http://www.disobey.com/ and http://www.gamegrene.com/
Spidering Hacks: http://amazon.com/exec/obidos/ASIN/0596005776/disobeycom
icq: 2927491 / aim: akaMorbus / yahoo: morbus_iff / jabber.org: morbus
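The thread above turns on two separate questions: whether the webserver will ever serve the password file, and whether the installer (rather than the user) can make the file unreadable to other local accounts. The following is an added example, not LibDB's or Movable Type's own code, showing how an installer can create the secret file with mode 0600 atomically at creation time (so nobody has to find a hidden dot-file and chmod it afterwards) and then audit a candidate file name against the concerns raised in the post: the dot-file visibility issue, and whether the name falls under Apache's stock "deny .ht*" rule. The file names ".htlibdb" and "settings.cgi" come from the post; the helper names, the temporary directory and the sample password are assumptions made for this example.

```python
import os
import stat
import tempfile


def write_password_file(path, password):
    """Create `path` holding `password`, never world- or group-readable.

    The mode is passed to os.open() so the restrictive permissions exist
    from the instant the file is created; O_EXCL refuses to clobber an
    existing file; the temporary umask keeps a permissive umask from
    widening the requested 0600.  This is what lets the installer set the
    permissions itself instead of asking the user to find a dot-file.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
    old_umask = os.umask(0o077)
    try:
        fd = os.open(path, flags, 0o600)
    finally:
        os.umask(old_umask)
    with os.fdopen(fd, "w") as f:
        f.write(password + "\n")
    return path


def audit_password_file(path):
    """Return a list of findings describing how exposed the file is.

    Findings cover local exposure (permission bits) and the two naming
    concerns from the thread: dot-files are hidden by Finder and many FTP
    clients, and only names starting with '.ht' are covered by Apache's
    default deny rule for .ht* files (other webservers make no such promise).
    """
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IROTH | stat.S_IWOTH):
        findings.append("world-accessible: chmod 600 the file")
    if mode & (stat.S_IRGRP | stat.S_IWGRP):
        findings.append("group-accessible: chmod 600 the file")
    name = os.path.basename(path)
    if name.startswith("."):
        findings.append("dot-file: hidden by Finder and many FTP clients")
    if not name.startswith(".ht"):
        findings.append("not '.ht*': Apache's default deny rule for .ht* files does not apply")
    return findings


def demo(password="s3cret-example"):
    """Create both candidate files in a fresh temp dir and audit them.

    Returns {name: (mode_bits, findings)}.  The password is a constructed
    placeholder, not a real credential.
    """
    base = tempfile.mkdtemp(prefix="libdb-example-")
    results = {}
    for name in (".htlibdb", "settings.cgi"):
        p = write_password_file(os.path.join(base, name), password)
        results[name] = (stat.S_IMODE(os.stat(p).st_mode), audit_password_file(p))
    return results


if __name__ == "__main__":
    for name, (mode, findings) in demo().items():
        print("%-13s %s %s" % (name, oct(mode), findings))
```

Whichever name wins the vote, the permission half of the problem is independent of it: both files come out 0600, so only the account the webserver runs as can read them, and the audit reports only the naming trade-off the post describes (hidden dot-file versus a name outside Apache's default deny rule). Run it on an installed copy by pointing `audit_password_file` at the real file to see whether a user's chmod is still needed.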