使用 PHP 进行远程数据库的数据库转储/备份时的安全风险和适当措施 [英] Security risks and appropriate measures while using PHP for taking database dumps/backups of remote databases
问题描述
当然,在使用 PHP 进行数据库备份/转储时,脚本超时可能会超过等(除非相应设置).但是忽略这些与安全无关的事情,涉及的所有安全问题是什么.
Of course there is possibility of script timeout exceeding etc. (unless set accordingly) when using PHP for taking database backups/dumps. But ignoring these non-security related things what are all the security issues involved.
我在某处读到,由于需要在网络空间中创建备份,因此存在其他用户从浏览器访问文件的风险.有人可以详细解释一下吗?在设置正确的文件权限之前,创建转储时是否存在暂时风险?如果是这样,像 PhpMyAdmin 这样的应用程序如何处理?我读到他们做了一些事情,但我不确定是什么,我发现在不知道他们究竟做了什么的情况下探索它的代码来定位技巧非常痛苦.所以,如果你们可以分享基本的想法/技术开始.除此之外,还存在其他安全问题.很高兴看到这里讨论的所有可能性,以便新手程序员在遇到麻烦之前有所了解.
I read somewhere that since the backup needs to be created in the web space, there are risks of the file getting accessed from browser by other users. Can someone explain that in detail? Is there a momentary risk when the dump is created, before proper file permission is set? If so, how do apps like PhpMyAdmin take care of that? I read that they do something but I am not sure what and I found it quite painful to explore its code to locate the trick without knowing what exactly they do. So, if you guys could share the basic idea/technique to start with. Other than this what other security issues exist. It would be nice to see all the possibilities discussed here, so that newbie programmers are aware before running into trouble.
当然最好使用 shell 脚本之类的东西,但这可能并不总是达到目的 -
Of course it is better to use things like shell scripts but this may not serve the purpose always -
- 用户可能不是技术人员,更愿意运行简单的 URL 进行备份.
- 可能没有可用的外壳访问等
谢谢,
桑迪潘
推荐答案
重新 phpMyAdmin 的导出过程:我认为 - 这不是权威,但我相当确定它是如何工作的 - 那phpMyAdmin 从未真正创建文件,而是直接传递转储的结果.因此,除了请求它的用户之外,任何其他人都无法访问转储的 URL.这一切都发生在脚本运行时占用的内存中.
Re phpMyAdmin's export process: I think - this is not authoritative, but I'm fairly sure this is how it works - that phpMyAdmin never actually creates a file, but passes through the dump's results directly. So there never is a URL under which the dump could be reached by anybody else except the user who requested it. It all takes place within the memory the script occupies while it runs.
如果您可以这样做(仅将数据直接发送给经过身份验证的用户),您会没事的.确实存在潜在危险的是在 Web 根目录中存储临时的、不受保护的文件.这绝不应该成为备份过程的一部分.
If you can do it that way (send data only directly to the authenticated user) you will be fine. What is indeed potentially dangerous is storing temporary, unprotected files in the web root. That should never be a part of the backup process.
这篇关于使用 PHP 进行远程数据库的数据库转储/备份时的安全风险和适当措施的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
