bes island

Сайт Дениса Попова

Tumblr story: What does source code exposure mean

19 марта 2011, 23:38 (в редакции от 20 марта 2011, 00:06)

They say there is a website called Tumblr; I don’t use it but they say it exists. OK, and now they say Tumblr experienced a shameful fail recently, when one of their developers wrote “i?php” instead of “<?php” on top of config.php file, which led to its source code being exposed to visitors. The source code contained, in particular, database connection password and many other settings. Not very good.

“How can we keep this from happening to us?” asks Kev Burns Jr. “The only solution I see to this is pre-commit syntax checking for committed PHP files.”

Hear, guys? The problem is not the vital secret production data being exposed. The problem is the source code being exposed. Could you believe it?

Of course, not. The problem here is not that the PHP source code was exposed. OK, they saw your PHP code, what’s the big deal? If it is well written, you could only be proud that people saw your masterpiece. Oh, and I forgot to mention, if you code includes any configuration settings, it is not well written. Rather, it is a pretty shitty code. See, the real problem here is the PHP source containing configuration settings.

Separate your source code from your configuration, and hurray! problem solved.

Never ever write down your configuration like a source code file. (Even if it is called config.php.) Make it a text file, or an XML file, or an .ini file. Then read it and parse it. See how simple it is?

If someone saw your source code, they would not see your configuration. (Except, of course, if your source code makes it possible for an injection like var_export or echo file_get_contents, in which case please refer to Shitty code section back there.)

In cryptography, there is a rule of thumb. Always assume that your encryption algorithm is known to an attacker. And evaluate the strength of your encryption based on this assumption.

The similar rule applies to source code. Always assume that your application is open source, even if it isn’t. And plan your application’s security based on this assumption.

Обсудить в «Живом журнале»

Windows 7 Service Pack 1 О ситуации в Ливии
По возникшим вопросам пишите: denys@denyspopov.biz

Хостинг — «Диджитал оушен»

Impressum. Этот сайт использует куки (cookie). Посещая его, вы даёте согласие на хранение и передачу куки.