Reply to Re: Is there a way to verify integrity of php/javascript code

Posted by rossz on 09/26/05 06:30

Han wrote:
> Our app runs on end-users' machines (apache2.x + php5). At this moment
> it is quite easy for someone (who has access to the console) to insert
> a couple lines of php code to steal sensitive info.
>
> Is there a way to check the integrity of the php and javascript code by
> using digital signatures/simple hash/etc. ?
>
> What do you do to verify that your code has not been changed by someone
> else and everything is leaked to a rogue site?

The only way to secure this is to not put the program on the end-user
machines. Make it a proper client-server app. Have the PHP on the
server only and properly secured.

You _might_ be able to secure some of the data if it's in a SQL database
and you set the permissions so that sensitive data can never be
retrieved with the username/password used to access the database. In
fact, you should be doing this even if the program is running on the
server side.

And no, a compiled program won't actually improve your security. Your
problem isn't in the type of program being executed. Your problem is
your complete lack of a proper security model.

--
Rossz
God kills a kitten each time someone uses Internet Explorer
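
The database-permission approach described in the reply above, sketched as an added example that is not part of rossz's post. It assumes MySQL column-level privileges; the schema and account names (`shop`, `customers`, `card_number`, `webapp`, `billing`) and the passwords are constructed placeholders.

```sql
-- Constructed schema for illustration; all names are assumptions.
CREATE DATABASE IF NOT EXISTS shop;
CREATE TABLE shop.customers (
    id          INT AUTO_INCREMENT PRIMARY KEY,
    name        VARCHAR(100)   NOT NULL,
    email       VARCHAR(255)   NOT NULL,
    card_number VARBINARY(256) NOT NULL   -- the sensitive column
);

-- Account whose username/password sits in the PHP configuration,
-- so anyone with console access to that machine can read it.
CREATE USER 'webapp'@'localhost' IDENTIFIED BY 'REPLACE_ME';

-- Weak setting: whoever lifts the app's credentials can read everything.
-- GRANT ALL PRIVILEGES ON shop.* TO 'webapp'@'localhost';

-- Restricted setting: the app can store the sensitive value
-- but has no SELECT privilege on that column.
GRANT INSERT (name, email, card_number) ON shop.customers TO 'webapp'@'localhost';
GRANT SELECT (id, name, email)          ON shop.customers TO 'webapp'@'localhost';
GRANT UPDATE (name, email)              ON shop.customers TO 'webapp'@'localhost';

-- Separate account for the process that legitimately needs the data.
-- Its credentials are never stored alongside the PHP code.
CREATE USER 'billing'@'localhost' IDENTIFIED BY 'REPLACE_ME';
GRANT SELECT (id, card_number) ON shop.customers TO 'billing'@'localhost';

-- Review what each account can actually do.
SHOW GRANTS FOR 'webapp'@'localhost';
SHOW GRANTS FOR 'billing'@'localhost';

-- Connected as webapp, both of these are rejected by the server,
-- because each references a column the account cannot SELECT:
--   SELECT card_number FROM shop.customers;
--   SELECT * FROM shop.customers;
-- while this still works:
--   SELECT id, name, email FROM shop.customers;
```

Application queries must name their columns explicitly, since `SELECT *` fails once any column is withheld from the account.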
