openssl_pkcs7_encrypt() requires the data to be encrypted to be read from a file, and so unfortunately it requires sensitive data to be written to a temporary file before being encrypted.
In a shared hosting environment, what steps can I take to minimise the risk of the sensitive data being read / stolen when having to momentarily write it into a temp file?
The code:
// Write the plaintext body to a temp file so openssl_pkcs7_encrypt() can read it
$file = tempnam(sys_get_temp_dir(), 'mail');
file_put_contents($file, $body);
// Second temp file receives the S/MIME (PKCS#7) output
$encrypted = tempnam(sys_get_temp_dir(), 'encrypted');
if (openssl_pkcs7_encrypt($file, $encrypted, "cert.pem", NULL)) {
    @unlink($file);                         // plaintext no longer needed
    $body = file_get_contents($encrypted);  // replace body with the encrypted form
    @unlink($encrypted);
} else {
    // Encryption failed: still remove both files
    @unlink($file);
    @unlink($encrypted);
}
The few things that concern me are:
- sys_get_temp_dir(): depending on the environment / host, this can vary.
- Would calling file_put_contents($file, ""); before the @unlink($file) make a difference?
- I'd imagine a throw…catch around everything with the @unlink calls would also help.
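The following is an added example (my own code, not code from the question) showing one way to address the three concerns above: a caller-supplied private temp directory instead of sys_get_temp_dir(), a best-effort in-place overwrite before unlink instead of truncating with file_put_contents($file, ""), and a try/finally so cleanup runs on every exit path. It assumes PHP 5.5 or later (for finally) and that $privateTmpDir is a directory you created outside the web root with mode 0700; the function and variable names are my own.

```php
<?php
// Added example, not from the original question. Encrypts $body as S/MIME with
// openssl_pkcs7_encrypt() while limiting how exposed the plaintext temp file is.
// $privateTmpDir is an assumed caller-provided directory (mode 0700, outside
// the web root); $certPath is the recipient certificate in PEM form.

function encryptViaPrivateTempFile(string $body, string $certPath, string $privateTmpDir): string
{
    $dir = realpath($privateTmpDir);
    if ($dir === false || !is_dir($dir) || !is_writable($dir)) {
        throw new RuntimeException("private temp dir missing or not writable: $privateTmpDir");
    }
    // Refuse a directory that group/others can list or traverse (any of the 0077 bits set).
    if ((fileperms($dir) & 0077) !== 0) {
        throw new RuntimeException("private temp dir must be mode 0700, refusing: $dir");
    }

    $plainFile = false;
    $encFile = false;
    try {
        // tempnam() creates the file with mode 0600, but silently falls back to the
        // system temp dir if $dir is unusable, so verify where the files really landed.
        $plainFile = tempnam($dir, 'mail');
        $encFile = tempnam($dir, 'enc');
        if ($plainFile === false || $encFile === false
            || realpath(dirname($plainFile)) !== $dir || realpath(dirname($encFile)) !== $dir) {
            throw new RuntimeException('tempnam() did not create the files in the private directory');
        }
        chmod($plainFile, 0600); // owner-only even if the host's umask is permissive
        chmod($encFile, 0600);

        if (file_put_contents($plainFile, $body, LOCK_EX) !== strlen($body)) {
            throw new RuntimeException('short write of plaintext temp file');
        }

        // Explicit cipher; the "file://" prefix tells the openssl extension to load a PEM file.
        $ok = openssl_pkcs7_encrypt(
            $plainFile, $encFile, 'file://' . realpath($certPath), null, 0, OPENSSL_CIPHER_AES_256_CBC
        );
        if (!$ok) {
            throw new RuntimeException('openssl_pkcs7_encrypt failed: ' . openssl_error_string());
        }
        $out = file_get_contents($encFile);
        if ($out === false) {
            throw new RuntimeException('could not read encrypted output');
        }
        return $out;
    } finally {
        // Runs on success and on every exception, so the plaintext never lingers.
        if (is_string($plainFile)) {
            wipeAndUnlink($plainFile);
        }
        if (is_string($encFile)) {
            @unlink($encFile);
        }
    }
}

// Best-effort overwrite of the file's bytes before unlinking. Opening with 'r+b'
// (no truncation) writes over the same allocated blocks; truncating to zero with
// file_put_contents($f, "") only frees the blocks and leaves the old bytes on disk.
function wipeAndUnlink(string $path): void
{
    $size = @filesize($path);
    if ($size !== false && $size > 0 && ($fh = @fopen($path, 'r+b')) !== false) {
        fwrite($fh, str_repeat("\0", $size));
        fflush($fh);
        fclose($fh);
    }
    @unlink($path);
}

// Usage (paths are placeholders):
// $smime = encryptViaPrivateTempFile($body, '/home/you/cert.pem', '/home/you/private-tmp');
```

The overwrite in wipeAndUnlink() is only best-effort: on journaling or copy-on-write filesystems and on SSDs with wear levelling, the original blocks may survive regardless, so the controls that actually matter are the owner-only directory and file modes and keeping the file's lifetime as short as possible. Checking that tempnam() really used the private directory matters because it falls back to the system temp dir rather than failing when the requested directory is not usable.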