Re: [GENERAL] cgi with postgres

From: Mike Mascari
Subject: Re: [GENERAL] cgi with postgres
Date:
Msg-id: 387F9862.699DB03B@mascari.com
In reply to: cgi with postgres (Jeff MacDonald <jeff@hub.org>)
List: pgsql-general
Jeff MacDonald wrote:
>
> Hey folks,
>
> This is a security issue I'd like to get some info
> on. I'm sure it's more with CGI than Postgres, but
> heck.
>
> Issue: how to secure CGIs that access Postgres.
>
> Problem: passwords for the Postgres database are stored
>       in plain text in scripts. (Let's assume Perl,
>       not a compiled language.)
>
> Points:
>         Make the CGI dir 711.
>         Big deal, they can get the name of the file
>         from the web, and copy it.
>
>         Set an obscure CGI script alias in Apache.
>         Big deal, they can read the CGI conf file.
>
>         This is assuming they already have an account
>         on the machine, something that cannot be ruled
>         out.
>
> Question in short: how to make Perl accessing databases
>         more secure, so any jack can't modify a database.
>
> thanks in advance.
>
> Jeff MacDonald
> jeff@hub.org

I'm not sure if this is definitive - hackers are very clever, but
this SHOULD do it:

1. httpd runs as user 'nobody'
2. 'nobody' doesn't have a shell account (shell = /bin/false)
3. no one can 'su' to 'nobody', except root (obviously)
4. pg_hba.conf allows only local connections (127.0.0.1)
5. the postmaster isn't running with -i
6. 'nobody' owns the database and has granted privileges to only
those other users as appropriate
7. The password (as added protection) is in some file readable by
user 'nobody' only.

Hope that helps,

Mike Mascari
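The checklist in the reply above, turned into a small audit script. This is an added example, not code from the thread or from the PostgreSQL project. It assumes the pg_hba.conf syntax of the PostgreSQL 6.x/7.0 releases current when the message was written (`local DATABASE AUTHTYPE` and `host DATABASE IP_ADDRESS ADDRESS_MASK AUTHTYPE`; 7.3 and later use a different column layout), and every input below is a constructed sample string so the script runs offline; the function names are my own. On a real host you would feed it `grep '^nobody:' /etc/passwd`, the contents of pg_hba.conf, the postmaster command line from `ps`, and `stat -c '%a %U'` of the password file.

```shell
#!/bin/sh
# Added example: audit the seven-point checklist from the reply.
# All inputs are constructed strings (not taken from any real host).

# Constructed /etc/passwd line for the httpd user (steps 1 and 2).
NOBODY_PASSWD='nobody:x:65534:65534:nobody:/nonexistent:/bin/false'

# Constructed pg_hba.conf fragments (step 4), pre-7.3 column layout.
# The weak one admits every address on the network with no authentication;
# the corrected one admits Unix-socket connections and 127.0.0.1 only.
HBA_WEAK='host all 0.0.0.0 0.0.0.0 trust'
HBA_OK='local all trust
host all 127.0.0.1 255.255.255.255 password'

# Constructed postmaster command lines (step 5: -i enables TCP/IP).
POSTMASTER_WEAK='postmaster -i -D /usr/local/pgsql/data'
POSTMASTER_OK='postmaster -D /usr/local/pgsql/data'

# Step 2: the httpd user's login shell must be a non-shell.
# Argument: one /etc/passwd line.
shell_disabled() {
    case "${1##*:}" in
        /bin/false|/sbin/nologin|/usr/sbin/nologin) return 0 ;;
        *) return 1 ;;
    esac
}

# Step 4: every 'host' line must be pinned to 127.0.0.1 with a full mask.
# 'local' (Unix-socket) lines are allowed. Argument: pg_hba.conf text.
hba_local_only() {
    printf '%s\n' "$1" | awk '
        $1 == "host" && !($3 == "127.0.0.1" && $4 == "255.255.255.255") { bad = 1 }
        END { exit bad }'
}

# Step 5: the postmaster must not have been started with -i.
# Argument: the postmaster command line.
postmaster_no_tcp() {
    case " $1 " in
        *" -i "*) return 1 ;;
        *) return 0 ;;
    esac
}

# Step 7: the password file must be mode 0400 or 0600 and owned by the
# httpd user. Arguments: octal mode, actual owner, expected owner.
pw_file_private() {
    mode=$1; owner=$2; expected_owner=$3
    [ "$owner" = "$expected_owner" ] || return 1
    case "$mode" in
        400|600) return 0 ;;
        *) return 1 ;;
    esac
}

# Whole checklist (the parts that can be checked from text inputs).
# Arguments: passwd line, pg_hba.conf text, postmaster command line,
# password-file mode, password-file owner.
audit() {
    shell_disabled "$1" && hba_local_only "$2" && postmaster_no_tcp "$3" \
        && pw_file_private "$4" "$5" nobody
}

# Stand-alone demonstration: the corrected settings pass, the weak ones fail.
if audit "$NOBODY_PASSWD" "$HBA_OK" "$POSTMASTER_OK" 600 nobody; then
    echo "corrected settings: checklist passes"
fi
if ! audit "$NOBODY_PASSWD" "$HBA_WEAK" "$POSTMASTER_WEAK" 644 nobody; then
    echo "weak settings: checklist fails"
fi
```

One caveat worth keeping in mind when applying the list: restricting pg_hba.conf to 127.0.0.1 and dropping `-i` keep remote hosts out, but Jeff's threat is a user who already has a shell on the same machine, and such a user connects from 127.0.0.1 too. Against that attacker the weight is carried by steps 6 and 7: the database is owned by `nobody`, privileges are granted explicitly, and the password sits in a file only `nobody` can read, so copying the CGI script yields no credential.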
