Solved

Protecting data on ubuntu server, access via PHP

Posted on 2012-04-04
5
388 Views
Last Modified: 2012-04-16
I have an ubuntu server which is running Apache and a special PHP webpage I wrote.

The PHP page allows a user to authenticate and access a special secret "document" that belongs only to them. Each user has their own secret document, and I have a back-end system for configuring the access control lists, user accounts etc. The server uses a properly signed SSL certificate, and the PHP itself is well written.

On the back-end, the documents themselves are stored in a folder on my server which is not web accessible, e.g. in /usr/share/secretstuff/[accountid]/somefile.txt. PHP currently gains access to the file via file_get_contents() and displays it to the user.

My concern is that the files are just sitting on the hard drive in plain text. I've set the chmod and chown accordingly so only www-data has access, but I'm acutely aware that ANY script running on my apache server can access these files if they know where to look.

I'm also concerned that if the server were compromised (either physically or over the network), the files are totally open.

What are some ways I can protect these files and make it so the files are accessible ONLY through authenticated access from my PHP page?

Ideally, how can I protect the server so that a knowledegable person who knows the system inside and out who has somehow gained root access to the machine, or gained physical access to the machine (e.g. removed the hard drive), still cannot access the files?
0
Comment
Question by:Frosty555
  • 3
  • 2
5 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 37808688
I don't believe that can be done.  If I get root access, I can change anything on your system.  Your only other alternative that I know of is to encrypt the files and make sure the proper user has the only copy of the key.
0
 
LVL 31

Author Comment

by:Frosty555
ID: 37809335
I should include also, that it is important that any backups that get made of the server are just as well protected as the server itself....

I was thinking encryption would be the ideal way to do this. Each user logs in using a password that only they know so I imagine I could use that password, hash it / digest it somehow, and use that as the encryption key?

The problem is that some users have access to more than one document, and an administrator needs access to all of them, so the encryption becomes a bit messy. I don't know how to do encryption with multiple keys. I know that public/private encryption is designed to help with this situation but I don't understand it well enough to get a clear picture of what a proper implementation of it would look like (nevermind the actual coding of that implementation in PHP)

This feels like the sort of problem that has already been solved by the technology used in SSL.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 37809398
SSL is used to encrypt transmissions over the network, not files on a server.  You might want that also.  Security always makes things more difficult, it is supposed to!  You need strong encryption and a plan.  Do a search for "Linux file encryption" http://www.google.com/search?q=Linux+file+encryption , there are a lot of resources available.
0
 
LVL 31

Author Comment

by:Frosty555
ID: 37814698
Okay, so what would be the right way to do this then? If I encrypt the files with a passphrase, that passphrase has to exist somewhere on the server, which defeats the purpose of the original encryption? Is there a better way to protect the encryption key?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 37814736
No, the passphrase will be encrypted into the file in such a way that the encryption software will know how to handle it.  On my web sites with logins, the passwords are not found anywhere in plain text and you are welcome to spend the years it will take to break the MD5 hash to get in.  There is no reason to think that the people who wrote the encryption software did not think of this.

There is no Perfect answer.  Encryption and security is always a matter of how difficult do you want to make it.  Generally the answer is, more difficult than the people want to deal with that would otherwise steal the info.  The average computer user won't try very hard.  If some government with super-computers wants to break in, they may have the resources to do it.

Don't over think this.  People smarter than you and me have already solved this problem many times.  Make a list of your needs and find some software that will provide them.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
UNIX SCP 5 67
Citrix 6.5 / Receiver 12.x / MAC OS 10.x 9 45
How to limit traffic to Netscaler 10.5 VIP 3 21
VLANs and isolation / private networks 3 23
By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now