[Toolserver-l] Switchboard/FastCGI on new webserver
Carl Beckhorn
cbeckhorn at fastmail.fm
Mon Dec 15 12:57:00 UTC 2008
On Sun, Dec 14, 2008 at 09:45:50AM -0500, Aryeh Gregor wrote:
> On Sun, Dec 14, 2008 at 4:08 AM, Bryan Tong Minh
> <bryan.tongminh at gmail.com> wrote:
> > It would of course be a good idea, but any PHP(f) file that is world
> > readable and has passwords in it is inherently a security leak.
>
> So how do you store your passwords, such that the web server can read
> them to connect to the database but can't read them to serve the files
> containing the passwords?
The answer, which someone else already pointed out, is to put the
password-containing files outside your personal web directory, such
as in your ~/.my.cnf file, and set them so that only you can read them.
Your cgi scripts run as your user id, not the webserver's user id.
I'm certain that this sort of UNIXy file security is a mystery to many
users, so it ought to be documented somewhere. But, lacking that, here
are a couple rules of thumb:
1) Never put a password directly in a cgi script. Make the script read
passwords from some other dedicated configuration file.
2) Never assume that the source code of your cgi scripts is secret or
secure.
3) Don't use your personal wiki password from your cgi scripts - make
a separate account.
A side benefit of 1-2 is that it makes sharing your source code much
easier. You don't run the risk of accidentally committing into svn a
version of your code with a password in it. And you don't have to edit
the code to hide the password when you send the code to someone else.
- Carl
More information about the Toolserver-l
mailing list