Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

Re: Re: Secure ways to use DBI?

by LameNerd (Hermit)
on Apr 17, 2003 at 17:11 UTC ( #251260=note: print w/replies, xml ) Need Help??

in reply to Re: Secure ways to use DBI?
in thread Secure ways to use DBI?

Dear Saint dws,

I am but a lowly monk and I am wondering if my particular
solution to this problem resembles any of those you have outlined.

Whenever I need to access a password in a script I pull the password
out of the database itself. This of course assumes the database
is itself secure. I use ssh (F-secure) to call a (bash/SQL*plus) script
that reside on the database server.
This script returns the passwords my scripts needs to use.

I guess what I am asking is, does my script constitute a middle-tier process
you mentioned in your post?

Please bestow some wisdom upon me :)

Replies are listed 'Best First'.
Re: Re: Re: Secure ways to use DBI?
by dws (Chancellor) on Apr 17, 2003 at 17:20 UTC
    I use ssh (F-secure) to call a (bash/SQL*plus) script that reside on the database server.

    The question you need to ask yourself is this: "If some wiley hax0r where to gain control of the web server, how difficult would it be for them to get my database password?"

    If they see before them a script that uses ssh, can they then use that script to get the password? If so, you haven't gained yourself much.

    Now if this is all done from a middle tier that the wiley hax0r can't get to, that's another matter.

    Whether what you describe is a "middle-tier process" I don't know. Perhaps.

    Update: What this scheme seems to protect against is losing the password to a sniffer. That works only if you're then using some secure, database-dependent login mechanism, or are using ssh-tunneling to talk to the database.

      Ah I see.

      My script (an LWP Perl script) that calls the ssh to get a password from the DB,
      does not reside on the web server and is not used by a web server in anyway.

      But this script does need to use a password to connect to a https webpages that requires a user/password.
      The machine the script resides on (M1) is seperated from the DB server with a firewall (FW1) and
      seperated from the "outside world" with another firewall (FW2).

      I think this set up is pretty secure. Here's where I expose my ignorance of
      . FW1 only allows ssh and scp from M1 and FW2 only allows http and https to
      pass through.

      Does that make any sense?
        Does that make any sense?

        Yup, though I'm unclear on where the web server fits into the picture. You say that your script "does not reside on the web server," but then say that FW2 only allows http and https to pass through. Does that mean that the web server is on M1, or on separate box?

        With the caveat that I'm not an expert, this sounds like a pretty solid scheme, as long as you're keeping up with vendor patches for the web server (and firewall vendor patches for the firewall).

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://251260]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (3)
As of 2022-05-27 22:33 GMT
Find Nodes?
    Voting Booth?
    Do you prefer to work remotely?

    Results (98 votes). Check out past polls.