Question:
What is the proper and secure method to allow read and write access with username & password to a database?
anonymous
2010-01-25 21:43:58 UTC
I understand that programming the username and password in the code directly is bad practice. I've never taken any cryptography class in college so this isn't second nature to me. I've read in many places to use a config file, but that would need to be encrypted and the keyword to decrypt that file would be hard coded into the software, which is a no-no.

The user is and always will be unaware of the username and password to the database. The language shouldn't matter, but the project consists of mostly AutoIt followed by Ruby and the database is MySQL. AutoIt provides for obfuscation methods but that is not an acceptable solution. The project has pretty much hit a brick wall and I'm not sure how to overcome this without asking or begging for help to proceed safely.

Granted, the probability of anyone desiring to reverse engineer this code is slim to none; I just don't want to take any chances. The database does not contain any critical data, but it would be a huge pain to recover from any incidence of compromise, hence the desire for security.
Five answers:
Pete S
2010-01-25 22:38:21 UTC
Your biggest issue in security isn't so much reverse engineering, it's protecting yourself from inside attacks and bad input.

One first step in many databases is to write all of your SQL as stored procedures, and only grant the database user access to those procedures, instead of direct access to your tables. At a minimum the final database user for your project shouldn't be allowed to create or drop tables or create/drop users or change database configurations. Basically the idea is that whoever gains your database user account from the program should have no more permissions than the program needs to do its job, minimizing your risk.

Another step is to ensure all of your SQL code is protected against SQL injection attacks so strange effects don't occur via bad input (Sally;DROP TABLE USERS, for example). Finally you mention having to recover would be a huge pain. Well, you are making nightly backups of your database, right? Unless the attacker knew about these, you could use a nightly backup if necessary to restore your code. Plus you need to be able to weather hard drive crashes and the ilk. Finally, make sure there's an audit system in place via logging to track operations that you deem are suspect and would muck up your data (raising salaries, etc.); it's generally good to have a paper trail.
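The least-privilege setup described in the answer above, sketched for MySQL as an added example (it is not part of the original answer). The names appdb, entries, entry_audit, add_entry, list_entries and app_client are hypothetical and the password is a placeholder; run it in the mysql command-line client as an administrative account.

```sql
-- Added example: every database, table, procedure and account name is hypothetical.
CREATE DATABASE IF NOT EXISTS appdb;
USE appdb;

CREATE TABLE entries (
  id   INT AUTO_INCREMENT PRIMARY KEY,
  name VARCHAR(64)  NOT NULL,
  note VARCHAR(255) NOT NULL
);

-- Audit trail: written only by the procedures, never directly by the client account.
CREATE TABLE entry_audit (
  id        INT AUTO_INCREMENT PRIMARY KEY,
  actor     VARCHAR(128) NOT NULL,
  action    VARCHAR(16)  NOT NULL,
  entry_id  INT          NOT NULL,
  logged_at TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP
);

DELIMITER //
CREATE PROCEDURE add_entry(IN p_name VARCHAR(64), IN p_note VARCHAR(255))
SQL SECURITY DEFINER   -- runs with the definer's rights, not the caller's
BEGIN
  INSERT INTO entries (name, note) VALUES (p_name, p_note);
  INSERT INTO entry_audit (actor, action, entry_id)
    VALUES (USER(), 'insert', LAST_INSERT_ID());  -- USER() is the connected client
END//

CREATE PROCEDURE list_entries()
SQL SECURITY DEFINER
BEGIN
  SELECT id, name, note FROM entries ORDER BY id;
END//
DELIMITER ;

-- The account whose password ships with the program: EXECUTE on two procedures, nothing else.
CREATE USER 'app_client'@'%' IDENTIFIED BY 'CHANGE_ME_PLACEHOLDER';
GRANT EXECUTE ON PROCEDURE appdb.add_entry    TO 'app_client'@'%';
GRANT EXECUTE ON PROCEDURE appdb.list_entries TO 'app_client'@'%';
SHOW GRANTS FOR 'app_client'@'%';

-- Connected as app_client:
CALL appdb.add_entry('Sally;DROP TABLE USERS', 'kept as a literal string');
CALL appdb.list_entries();
-- SELECT * FROM appdb.entries;  -- rejected: no SELECT privilege on the table
-- DROP TABLE appdb.entries;     -- rejected: no DROP privilege
```

The procedure parameters are treated as data only while the procedure bodies contain static statements; a body that assembles SQL text with CONCAT and PREPARE reintroduces the injection risk.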
Paul W
2010-01-25 22:33:38 UTC
Set it up so everything for that particular site is running as a user/group that other sites do not run as. The script (or included file) containing the db credentials is owned by that user/group and perms are set so only that user can read it. I do things this way all the time. I can set temp/upload directories within that site to be read/write for that user only. Below is some info on the apache2 module I use to do this:

apache2-mpm-itk - multiuser MPM for Apache 2.2

The ITK Multi-Processing Module (MPM) works in about the same way as the classical "prefork" module (that is, without threads), except that it allows you to constrain each individual vhost to a particular system user. This allows you to run several different web sites on a single server without worrying that they will be able to read each others' files.
_anonymous_
2010-01-25 22:17:58 UTC
You can always take Joe's suggestion, but here's another way (if you want to use username/pass authentication in other areas):

You don't have to store the password directly, you can store a hash of it using a given algorithm (I recommend SHA-256 or any other SHA-2 function). When checking, you can re-hash the password given, and if the hashes match, then the password is correct. A hash is "one-way," so if you have the hash, determining the original data that went in is very difficult.

(This is the way most programs do it.)

For the username though, it should be fine unencrypted, but if you want more security, you can hash that too with the above method.

More info:

Hash functions (in general): http://en.wikipedia.org/wiki/Cryptographic_hash_function

SHA functions: http://en.wikipedia.org/wiki/SHA_hash_functions
Joe
2010-01-25 22:00:38 UTC
Doesn't MySQL incorporate username / password authentication? You should be able to collect the user's login credentials in your code, and just pass them to MySQL for login authentication.



That way, you don't have to re-invent the wheel.
Ann
2016-04-05 09:40:40 UTC
Private Sub entrar_Click()
    Dim con As String
    Dim user As String
    ' Ask for the password and the user name
    con = InputBox("Enter the Password", "Window title")
    user = InputBox("Enter the user name", "Window title")
    ' Compare both values with the ones fixed in the code
    If con = "yyyyyy" And user = "Fred123" Then 'or you can define your own password
        FormName.Show
    Else
        MsgBox "The password is incorrect. Try again.", vbCritical, "Window title"
    End If
End Sub

I do not think you find it helpful


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.