List:General Discussion« Previous MessageNext Message »
From:peter lovatt Date:January 30 2007 9:54am
Subject:Re: Safe DB Distribution
View as plain text  
Hi

You probably cant make it 100% secure, because php is not a fully compiled
language, and as such an expert techie could probably add extra code to your
app that wouild allow access to the database, BUT you can get pretty close.

You will need to encrypt everything in the database using MySql encryption
functions

http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html

This will mean you can only access the data using the password it was
encrypted with. This will stop anyone installing the database accessing the
data using another MySql client.

Next you need to encrypt the php so that the user cannot get the encryption
password. There are a couple of options I can think of, there are probably
more. The first is Zend Accelerator ( http://www.zend.com) , which I think
compiles the php (check this though). The second is ioncube (
http://www.ioncube.com/) which is intended to prevent unauthorised access to
php code.

As above, your app needs MySql, and is not open source so you need a mysql
licence.

Hope this helps

Peter


On 30 Jan 2007 09:08:38 -0000, Felix Geerinckx <felix.geerinckx@stripped>
wrote:
>
> psuhas@stripped ("Suhas Pharkute") wrote in
> news:b33c3a790701291048k34808cbdrc713df5b4b8bfd16@ style="color:#666">stripped:
>
> > I want to distribute the MySQL DB to different user with an PHP web
> > app.
>
> Make sure you have read and understood the MySQL licensing policy, if your
> app is not open source (as it seems to be).
>
> > My biggest problem is MySQL data files. Is there anyway by which
> > I can configure the MySQL so that only PHP script can read it and if
> > you happen to copy the Data files and try to use it, that will be
> > useless.
>
> No.
>
> --
> felix
>
> --
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe:
> http://lists.mysql.com/mysql?unsub=1
>
>

Thread
Safe DB DistributionSuhas Pharkute29 Jan
  • Re: Safe DB DistributionFelix Geerinckx30 Jan
    • Re: Safe DB Distributionpeter lovatt30 Jan
      • Re: Safe DB DistributionDotan Cohen30 Jan
        • Re: Safe DB DistributionSuhas Pharkute30 Jan
    • Re: Safe DB Distributionmizioumt30 Jan
      • Re: Safe DB DistributionGerald L. Clark30 Jan
        • Re: Safe DB Distributionmizioumt30 Jan
        • Re: Safe DB Distributionmos30 Jan
  • Re: Safe DB DistributionFelix Geerinckx30 Jan
    • Re: Safe DB Distributionmizioumt30 Jan
Re: Safe DB DistributionAles Zoulek30 Jan
  • Re: Safe DB DistributionSuhas Pharkute30 Jan
    • RE: Safe DB DistributionSST - Adelaide)30 Jan
      • Re: Safe DB DistributionSuhas Pharkute30 Jan
      • Re: Safe DB DistributionSuhas Pharkute30 Jan
      • Re: Safe DB DistributionSuhas Pharkute30 Jan
        • Re: Safe DB DistributionDan Nelson30 Jan
          • Re: Safe DB DistributionAles Zoulek30 Jan