How to hide user name and password in configuration files

[everbright]

Hi all,

 

I'm currently involved in customizing the Open Source CMS Joomla for usage in a secure environment. One of the security requirements is the need to be able to make it as hard as possible for the server administrators to be able to compromise the database.

 

Unfortunately, Joomla (and I guess almost all PHP application) puts its database connection parameters in clear in its configuration file. OS file permissions will not help as the SAs will be able to compromise that easily.

 

Has anyone had experience with such scenario, and any good implementations that you can share over here?

 

Thanks!

 

 

[revraz]

If you can't trust your SA's, who can you trust.  Just about anything you do, they'll have access to won't they?

[taith]

If you can't trust your SA's, who can you trust.  Just about anything you do, they'll have access to won't they?

 

pretty much sums it up...

 

when you get right down to it... everything is accessable to a SA... if they wanted to break a site... they could just delete the config file... simple enough...

[JonnoTheDev]

Store the configuration file somewhere on your server that your admins do not have permission to. Do not store in the web document root. Change the include paths within the CMS to the new location.

[PFMaBiSmAd]

An admin could write a .php script in about 30 seconds that could read and display the contents of any file that another .php script can also read.

[JonnoTheDev]

An admin could write a .php script in about 30 seconds that could read and display the contents of any file that another .php script can also read.

 

Encrypt with ioncube: http://www.ioncube.com/

 

However if your admins can update php files then youre pretty much stuffed as they could output all variables from any part of the system.

[revraz]

And they can even read the encryption method and probably have access to decrypt it.