* Thomas Roth wrote on Thu, Oct 23, 2003 at 16:38 +0200:
> I think I fixed my problem with mysql.
Well, as this is a security list, let's discuss a little :)
> 1) I found that the PHP script was actually read: supplying some special characters instead of the said parameters to mysql_connect() resulted in a parse error at that line of the script.
How could you manipulate your script to use special characters in mysql_connect()? By changing the sources? Of course you have to make sure that this isn't possible by passing malformed data on the external interfaces. I think there are conditions where variables can be taken from the CGI environment somewhat automatically. I think that is a big pitfall, as you might find yourself using unsanitized data from an untrusted source (the browser).
> 2) However, sensible values seemed never to be used for the connection attempt. (PASSWORD: NO in the error message)
You cannot process sensible values with PHP, except if you have a dedicated (logical) server for each user - at least when using mod_php instead of CGI mode. The reason is the mod_ stuff - performant but insecure: every script runs in the same environment as the same user. PHP may try to add some security from the top level, but this cannot work well because of the complexity.
> 3) The trick was to switch off sql.safe_mode in php.ini. (And that is not connected to the setting of php safe_mode.)
Yep, another drawback of mod_php is the global configuration :) Again, if you have one script (-system), then it's no problem of course. Why did you need to set sql.safe_mode off? What does this mean exactly? I would expect that you want sql.safe_mode plus a possibility to connect (however, this seems to be *really* secure :-)).

Thank you for your mail. It is great when people not only ask questions but also share the solution when they have found it.

oki, Steffen

-- 
This message was generated automatically; it therefore bears neither signature nor seal.
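As an added illustration (not code from the thread or from either poster), a PHP 4/5 script under ext/mysql that ties together the two points discussed above: with sql.safe_mode=On, mysql_connect() ignores the user name and password it is handed and connects as the user that owns the server process with an empty password, which is what the "PASSWORD: NO" error reflects; and credentials should come from a configuration file outside the document root, never from request variables (the automatic CGI-variable behaviour Steffen alludes to is most likely register_globals). The config file path and its keys are assumed placeholders.

```php
<?php
// Added example, not from the mailing list. Assumes PHP 4/5 with ext/mysql
// (mysql_connect() was removed in PHP 7) and a config file outside the
// document root; the path and keys below are placeholders.

// 1) Credentials never come from the request. With register_globals=On an
//    attacker-controlled query string could otherwise pre-define
//    $db_user/$db_pass, so reset them and load them from a trusted file.
unset($db_host, $db_user, $db_pass);
$cfg = parse_ini_file('/etc/myapp/db.ini'); // assumed location, readable only by the PHP user
if ($cfg === false || !isset($cfg['host'], $cfg['user'], $cfg['pass'])) {
    error_log('DB config missing or incomplete');
    exit('Database unavailable');
}
$db_host = $cfg['host'];
$db_user = $cfg['user'];
$db_pass = $cfg['pass'];

// 2) Explain the "PASSWORD: NO" symptom before trying to connect.
//    With sql.safe_mode=On the mysql extension ignores the user/password
//    arguments and connects as the server process owner with an empty
//    password, so a failure here is a configuration issue, not a typo.
if (ini_get('sql.safe_mode')) {
    error_log('sql.safe_mode is On: mysql_connect() will ignore the supplied '
        . 'credentials and use the server process owner with no password');
}

$link = @mysql_connect($db_host, $db_user, $db_pass);
if (!$link) {
    // Log the real reason server-side only; echoing mysql_error() to the
    // browser would reveal the user name and host used for the attempt.
    error_log('DB connect failed: ' . mysql_error());
    exit('Database unavailable');
}
```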