Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Often in example code for software, I see a connection string eg. mysql://user@localhost
in the configuration file for the software to get access to the database. This seems fine for a test/development server but for production, this seems very insecure. What is the correct way to do this in a production environment?
That’s pretty much the way it is on a production server as well. While it’s a good idea to have the application access the database using an account that is as restricted as possible (e.g., it might not have permission to create or drop tables, schemas, databases, or might even be read-only depending on the application), if someone gains access to the application server they’re pretty much going to gain at least that level of access to the database server – even if the authentication to the database is based on “trust” (i.e. some windows types of schemes), the attacker has access to the trusted host.
In past jobs, I’ve heard considerations of various obfuscation scenarios but ultimately they don’t accomplish much.