[UPHPU] database security questions

Jordan S. Jones jordan at racistnames.com
Thu Jul 19 15:19:04 MDT 2007


Kyle Waters wrote:
> I'm in charge of implementing *the* company database.  This 
> database (pgsql) stores information that the whole company is meant to
> see and will eventually store private information like social security 
> numbers, and pay rates.
>
> problem 1
>    The server that the database and scripts are stored on is being 
> used for other purposes and many employees at the company will have 
> shell access to the server.  So I need to protect my script with the 
> database username and password in it from other users.  I know the 
> easy way to do this is to set the permissions on my files to 660 and 
> set the group to all the files as apache.  And then add all my 
> developers to the apache group.
>    However that solution bugs me.  So I thought I would ask what other 
> people did.  I'm thinking that rather than use the apache group I will
> use another group for my developers and then just give apache read
> access with acls, but I have never used acls before so I'm not sure if 
> that is a good solution.

IMO I think your best solution for problem 1 is to buy a commercial 
encoder such as Zend's Zend Guard (http://www.zend.com/products/zend_guard)

>
> problem 2
>    I have data in the database that everyone needs access to and other 
> data that needs to be restricted.  So I have names, phone numbers and 
> social security numbers.  I may want to give certain pgsql accounts 
> and scripts access to a person's name and phone number but not that
> person's social security number. Should I create a separate table with
> a one to one relation to store the private information?  Then I can 
> set privileges on each table, or is there a better way to do this?

One option would be to encrypt the SSNs before they are shoved into the
table and, using the previously mentioned product, ensure that only your
scripts can read the plain text version.

>
> I hope some of that makes sense.
>
> Kyle
>


Jordan S. Jones
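The following is an added example, not code from either poster, showing the two-table design Kyle floats for problem 2 together with the encrypt-the-SSN idea from the reply above, expressed as PostgreSQL SQL. Table names, column names, the two roles, the sample rows and the psql variable `:'ssn_key'` are all assumptions for illustration; `pgp_sym_encrypt`/`pgp_sym_decrypt` come from the pgcrypto contrib module (loaded here with `CREATE EXTENSION`, which needs PostgreSQL 9.1 or later; on older servers run the module's SQL script instead).

```sql
-- Added example: public and private employee data in two tables with a
-- one-to-one relation, per-table privileges, and the SSN stored encrypted.
-- Role names, table names and sample rows are constructed for illustration.

CREATE EXTENSION IF NOT EXISTS pgcrypto;

-- Two group roles: everyone gets directory_reader, only payroll scripts
-- get payroll_app. Login roles are then added with IN ROLE as needed.
CREATE ROLE directory_reader NOLOGIN;
CREATE ROLE payroll_app      NOLOGIN;

-- Public columns: what the whole company may see.
CREATE TABLE employee (
    employee_id serial PRIMARY KEY,
    full_name   text NOT NULL,
    phone       text
);

-- Private columns, keyed 1:1 on employee_id. The SSN is stored only as
-- pgcrypto ciphertext (bytea), so even a SELECT on this table yields no
-- plaintext without the key.
CREATE TABLE employee_private (
    employee_id integer PRIMARY KEY
                REFERENCES employee (employee_id) ON DELETE CASCADE,
    ssn_enc     bytea NOT NULL,
    pay_rate    numeric(10, 2)
);

-- Least privilege: nothing for PUBLIC, read on the public table for
-- readers, read/write on the private table for the payroll role only.
REVOKE ALL ON employee, employee_private FROM PUBLIC;
GRANT SELECT ON employee TO directory_reader;
GRANT SELECT ON employee TO payroll_app;
GRANT SELECT, INSERT, UPDATE ON employee_private TO payroll_app;

-- Insert a constructed sample employee. The symmetric key is supplied by
-- the calling script as a psql variable, never stored in the database:
--   psql -v ssn_key="$SSN_KEY" -f this_file.sql
WITH new_emp AS (
    INSERT INTO employee (full_name, phone)
    VALUES ('Ada Example', '555-0100')
    RETURNING employee_id
)
INSERT INTO employee_private (employee_id, ssn_enc, pay_rate)
SELECT employee_id,
       pgp_sym_encrypt('123-45-6789', :'ssn_key'),  -- constructed sample SSN
       42.50
FROM new_emp;

-- Only a session that holds the key gets the plaintext back.
SELECT e.full_name,
       pgp_sym_decrypt(p.ssn_enc, :'ssn_key') AS ssn
FROM employee e
JOIN employee_private p USING (employee_id);

-- Check the privilege boundary from the reader's point of view.
SET ROLE directory_reader;
SELECT full_name, phone FROM employee;   -- allowed
SELECT ssn_enc FROM employee_private;    -- ERROR: permission denied
RESET ROLE;
```

Two practical notes. The GRANTs alone already keep the SSN away from any pgsql account that is not in `payroll_app`, which answers the table-split question; the encryption layer adds protection against a database backup or a superuser read, but it moves the secret into whatever holds `ssn_key`. That key then needs the same care as the database password from problem 1: it has to live somewhere the other shell users on the shared box cannot read, so the file-permission question does not go away by encrypting the column.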

