php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #31564 Secure Password Storage
Submitted: 2005-01-15 16:52 UTC Modified: 2013-09-12 13:50 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: OvdSpek at LIACS dot NL Assigned:
Status: Wont fix Package: *General Issues
PHP Version: 5.0.3 OS: *
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
MUST BE VALID
Solve the problem:
33 - 6 = ?
Subscribe to this entry?

 
 [2005-01-15 16:52 UTC] OvdSpek at LIACS dot NL 
Description:
------------
Hi,

Would it be possible to add secure password storage (mainly for database access) to PHP (when used as web server module) such that:
The passwords are per vhost.
The passwords can't be read by scripts themself in any way.
The passwords can only be read by the library (function) that actually uses them.
Multiple passwords can be stored. For example, a vhost could use five user/pass combinations to access five databases.

The advantage would be that passwords wouldn't be stored in normal PHP files (readable by scripts) anymore and that script configuration would be easier.

Reproduce code:
---------------
-

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2013-09-12 13:50 UTC] nikic@php.net
-Status: Open +Status: Wont fix -Package: Feature/Change Request +Package: *General Issues
 [2013-09-12 13:50 UTC] nikic@php.net 
Won't happen, because password management is too diverse to have some one-size fits all solution. There is no problem per-se that scripts can read passwords.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu May 02 04:01:30 2024 UTC