开发者

Securing SQL queries, insuring that no one person knows that password

开发者 https://www.devze.com 2023-02-19 18:56 出处:网络
What are some effective and secure methods of securing SQL queries? In short I would like to insure that programmers do not see the passwords used by the application to perform queries.Someth开发者_S

What are some effective and secure methods of securing SQL queries?

In short I would like to insure that programmers do not see the passwords used by the application to perform queries. Someth开发者_StackOverflowing like RSA or PGP comes to mind, but don't know how one can implement a changing password without being encoded in the application somewhere.

Our environment is a typical Linux/MySQL.


This might be more of a process issue and less of a coding issue.

You need to strictly separate the implementation process and the roll-out process during software development. The configuration files containing the passwords must be filled with the real passwords during roll-out, not before. The programmers can work with the password for the developing environment and the roll-out team changes those passwords once the application is complete. That way the real passwords are never disclosed to the people coding the application.

If you cannot ensure that programmers do not get access to the live system, you need to encrypt the configuration files. The best way to do this depends on the programming language. I am currently working on a Java application that encrypts the .properties files with the appropriate functions from the ESAPI project and I can recommend that. If you are using other languages, you have to find equivalent mechanisms.

Any time you want to change passwords, an administrator generates a new file and encrypts it, before copying the file to the server.

In case you want maximum security and do not want to store the key to decrypt the configuration on your system, an administrator can supply it whenever the system reboots. But this might take things too far, depending on your needs.


If programmers don't have access to the configuration files that contain the login credentials and can't get to them through the debug or JMX interfaces then that should work. Of course that introduces other problems but that would potentially satisfy your requirement. (I am not a Qualified Security Assessor - so check with yours to be sure for PCI compliance.)

0

精彩评论

暂无评论...
验证码 换一张
取 消