0

Title basically says it all, the default config.php file created when installing the CRM product/frontend (SugarCRM) that my client purchased has the MySQL db user's password stored in it in plain text?

Is there any good way to encrypt the password itself so it isn't just sitting there in the file easily readable?

Or is it just a matter of if somebody has access to the file already then you're already in a heap of trouble as they're already in your system?

Just wondering if/what the best practices for this type of situation might be?

zoo_live_crew
  • 45
  • 7

3 Answers3

3

Or is it just a matter of if somebody has access to the file already then you're already in a heap of trouble as they're already in your system?

Yes.

longneck
  • 22,793
  • 4
  • 50
  • 84
3

Configuration files of web applications generally have the secrets in plain text.

Most Cloud Hosting vendors (IaaS/PaaS) support passing custom data when launching instances so that they are available as environment variables. However the application has to be modified to support reading secrets from Environment variables. Refer an example from Heroku.

Is there any good way to encrypt the password itself so it isn't just sitting there in the file easily readable?

The permissions of the file should not be world readable.

Or is it just a matter of if somebody has access to the file already then you're already in a heap of trouble as they're already in your system?

Yes. Access to system is a check-mate situation. Hardening the system is the first step. Hardening has to be done at all layers, application, database, OS, network, etc.

Remember, Security is a moving target and is never done.

Shyam Sundar C S
  • 1,063
  • 8
  • 12
1

There are ways to partially mitigate this through encryption schemes, loading passwords and etc directly into memory, etc, but those schemes are really about obfuscation. If you want something to automatically login to something else, you have no choice but to setup some sort of secret, plain text or not, to give it the ability to do it. Once you do that, a system compromise always means that the secret is also compromised. Schemas to make this more difficult do just that... they don't make it impossible.

High security systems that need auto login generally use detailed monitoring to detect patterns of abuse, rather than forbidding access.

The only way to be sure is to never commit the password to digital storage at all, and to have humans type it in.

In future, we'll have AI that will do this for us, but for now, thats what we have.

T. B.
  • 313
  • 1
  • 2
  • 8