Secure database retrieval

Re: Secure database retrieval

On 23 Oct 2005 06:25:40 -0700, "peter" <plaz987@yahoo. com> wrote:
[color=blue]
>I have taken over the website duties at work. I am still learning PHP
>and MySQL. I want to have a form where the user enters some finacial
>info and it is stored in a database. It, obviously, needs to be
>secure. I know how to make the input form secure. But what about
>retrieving the data? I was thinking I would use a password-protected
>secure form for that. Is that enough? What if I happen to view the
>records using PhpMyAdmin? Does that constitute an insecure
>transmission ? Any other thoughts regarding the security of a setup
>like this would also be greatly appreciated.[/color]

Use your PHP skills to write a secure form and access the mysql
database that way. Put it on an SSL protected port for added
security.

I've added the new comp.databases. mysql group so you can get answers
to the mysql questions there.
--
gburnore at DataBasix dot Com
---------------------------------------------------------------------------
How you look depends on where you go.
---------------------------------------------------------------------------
Gary L. Burnore | ÝÛ³ºÝ³Þ³ºÝ³³ÝÛº ݳ޳ºÝ³Ý³Þ³ºÝ³Ý ÝÛ³
| ÝÛ³ºÝ³Þ³ºÝ³³ÝÛº ݳ޳ºÝ³Ý³Þ³ºÝ³Ý ÝÛ³
Official .sig, Accept no substitutes. | ÝÛ³ºÝ³Þ³ºÝ³³ÝÛº ݳ޳ºÝ³Ý³Þ³ºÝ³Ý ÝÛ³
| ÝÛ 0 1 7 2 3 / Ý³Þ 3 7 4 9 3 0 Û³
Black Helicopter Repair Services, Ltd.| Official Proof of Purchase
=============== =============== =============== =============== ===============

Re: Secure database retrieval

>I have taken over the website duties at work. I am still learning PHP[color=blue]
>and MySQL. I want to have a form where the user enters some finacial
>info and it is stored in a database. It, obviously, needs to be
>secure. I know how to make the input form secure. But what about
>retrieving the data? I was thinking I would use a password-protected
>secure form for that. Is that enough? What if I happen to view the[/color]

You need to worry about two different connections, independently:
- The web-server-to-browser connection. https and good authentication
is good enough for this.
- The database-to-web-server connection. MySQL can use SSL for the
database connection. Use of https on the web server does NOT protect
the database connection.

If the database-to-web-server connection is LOCAL (both on the same
server), is security really an issue? If you don't trust the people
who can use shell logins into the box, you probably have much worse
problems than snooping localhost, like cracking MySQL directly. If
the database-to-web-server connection goes over your local LAN only,
security may not be an issue if you have good physical security and
few employees who don't have access to the info anyway. If the
database-to-web-server connection is over the Internet, you have a
problem. Use SSL or SSH tunnels for the MySQL connection.

[color=blue]
>records using PhpMyAdmin?[/color]

If PhpMyAdmin is not set up on a secure (https) web server, it's insecure.
If the database connection to the web server goes over the Internet and
it's not encrypted, it's insecure.
[color=blue]
>Does that constitute an insecure
>transmission ? Any other thoughts regarding the security of a setup
>like this would also be greatly appreciated.[/color]

Gordon L. Burditt

Re: Secure database retrieval

In article <1130073940.172 105.246100@f14g 2000cwb.googleg roups.com>,
"peter" <plaz987@yahoo. com> wrote:
[color=blue]
> I have taken over the website duties at work. I am still learning PHP
> and MySQL. I want to have a form where the user enters some finacial
> info and it is stored in a database. It, obviously, needs to be
> secure. I know how to make the input form secure. But what about
> retrieving the data? I was thinking I would use a password-protected
> secure form for that. Is that enough? What if I happen to view the
> records using PhpMyAdmin? Does that constitute an insecure
> transmission? Any other thoughts regarding the security of a setup
> like this would also be greatly appreciated.
>
> Thanks,
>
> Peter[/color]



has great articles on php and security issues. Specific to your
question, there's




--
DeeDee, don't press that button! DeeDee! NO! Dee...

Re: Secure database retrieval

Both the database and the server are hosted, if that is the right term.
So I'm not sure what to make of it.

Peter

Re: Secure database retrieval

>Both the database and the server are hosted, if that is the right term.[color=blue]
> So I'm not sure what to make of it.[/color]

So what argument do you pass to mysql_connect() or mysqli_connect( )
for the host name of the database? "localhost" ? If so, they're
on the same server. If not, and it's a host name, do the web server
and the database server have IP addresses in the same class C?
(first 3 octets the same)? If so, they may well be on the same
LAN, which is a lot safer than having it go across the Internet.

In any case, with a hosted setup, you're stuck trusting the
administration of either the web server or the database server. If
they steal credit card numbers from your site, you're stuck, and
there's not much you can do but find another host.

Gordon L. Burditt

Re: Secure database retrieval

Thank you for taking the time to answer my questions. I do use
"localhost" . So my main concern is trusting the hosting company? That
and the security of the transmission when I retrieve the data?

Peter

Re: Secure database retrieval

>Thank you for taking the time to answer my questions. I do use[color=blue]
>"localhost" .[/color]

Then you don't really have to worry much about the link between
the web server and the database: they're on the same machine.
That's pretty hard to sniff, and if they can sniff it, they
can probably crack the database directly anyway.

You still have to worry about the link between the web server
and the browser (use https and authentication) . I think you've
dealt with that.

You still have to worry about more direct access to either the web
server or the database server (which in your case are the same
machine). This includes such things as admins on those servers,
someone breaking in and stealing the hard disk containing the
database, corporate takeovers of the hosting company by someone
unethical (they own the hard disk with your database now), logging
code (viruses) inserted into the web server, etc. With a hosting
company you're pretty much stuck with trusting them after making
your best choice of a host. If you do your own hosting, deal with
your physical security and trusting your employees.
[color=blue]
>So my main concern is trusting the hosting company? That
>and the security of the transmission when I retrieve the data?[/color]

Gordon L. Burditt

Re: Secure database retrieval

Ok, Gordon, I have a much better understanding of what I need to do.
Thank you. Thank you Michael and Gary also.

Peter