Secure the Propel runtime-conf.xml

StackOverflow https://stackoverflow.com/questions/19155357

  •  30-06-2022
  •  | 
  •  

문제

How is the Propel xml file with the database connection password and username supposed to be secured when you put it on a webserver?

-<connection><dsn>mysql:host=localhost;dbname=test</dsn><user>root</user><password/></connection>

If i put it in the main directory anybody who knows the path can access this xml file or?

Is there a simple and effective solution?

thank your for advice

도움이 되었습니까?

해결책

You can go two ways to not have those security issues.

1) Do not store the .xml file on the webserver.

Propel has a command config:convert-xml which converts your xml file into a php file - which can't read from http clients.

config
    config:convert-xml   Transform the XML configuration to PHP code leveraging the ServiceContainer

So just store the xml file in your VCS repo, but delete it on your webserver and generate a php config which you then include in your main index.php.

or

2) Change the entry point of your website.

If you have structure like this:

.
├── composer.json
├── generated-classes/
├── generated-conf/
│   └── config.php
├── src/
│   ├── buildtime-conf.xml
│   ├── runtime-conf.xml
│   └── schema.xml
├── vendor/
│   ├── autoload.php
│   ├── ...
└── web/
    └── index.php

And for example point your Apache to ./web/ instead of ./ then it's not possible to access all other files then in the ./web/ folder. Of course in your index.php are then include statements with /../:

include __DIR__ . '/../vendor/autoload.php';

다른 팁

You're right, of course: It's not really secure in the sense that who gets access to that config file can obtain access to your database.

The only thing you can do effectively is to set up an additional mysql user "mypropeluser" and assign only the mysql permissions required by your application.

After all, what you say about the config file is also true about your PHP project. If someone can access your config directory they could probably also access your php directory and use propel (even if the config file was somehow 'protected') to do what ever they want (inject a "delete all" code, install a backdoor to your database...)

Bottom line: 1) Your propel config will only be as secure as your (web) server. 2) As far as the database is concerned (which ideally is on another machine) you can minimize the worst case by reducing permissions (ie. not allow drop table command)

Not very uplifting, I know. But I hope it helps :-)

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top