Advertisement

how to protect mysql strings?

Started by January 27, 2015 09:52 PM
5 comments, last by rustin 9 years, 9 months ago

I am using mysql to store player data, how can i protect the strings that connect to the database from being comprimised by memory reading etc

:)

If you store connection details on the client, you can not protect it.

You should create server in between. Client ask server hosted by you, server has connection details and decides if data can be saved/loaded to database.

Advertisement

how can i protect the strings that connect to the database from being comprimised by memory reading etc


I can read this question two ways:

1) You are trying to connect to the database from the client software, and don't want the user to be able to extract your database credentials.

2) You are connecting to the database from the application server software, but you want to protect the database credentials in the case of some security exploit that allows the attacker to read memory from the application server process.

In the case of 1), antosdaniel is entirely right: You never expose the database directly to clients. You always put an application server in between (call this the "game server.") The role of the game server is to provide authentication, authorization, and game rule enforcement.

In the case of 2), you can store the credentials in initialized mutable variables, and once connected, overwrite these variables with junk. Like so:

char mysqlname[] = "example";
char mysqlpasswd[] = "swordfish";
char mysqlhost[] = "db.example.com";

db_connection *db_connect() {
  db_connection *ret = whatever_connect_to_database_call(mysqlhost, mysqlname, mysqlpassword);
  if (ret) {
    memset(mysqlname, 0, sizeof(mysqlname));
    memset(mysqlpasswd, 0, sizeof(mysqlpasswd));
    memset(mysqlhost, 0, sizeof(mysqlhost));
  }
  return ret;
}
This works in C/C++, where the compiler will optimize the string constant into the initialized data section of the global variables.
If however you use std::string in C++, or use Java, C#, or a similar language, the string constants will not be elided and will still be available somewhere in RAM.

Secure credential storage in a production environment is actually a fascinating subject. There are many kinds of key escrow, key server, dedicated-hardware, and other esoteric approaches to mitigate this threat, all dependent on how determined you think the attacker might be and what the cost of failure would be.
enum Bool { True, False, FileNotFound };

Thanks for the replys, good information there

:)

Don't let the client connect directly to mysql at all, they need to go via a "middle tier" server.

If they connect directly, they'll be able to get the credentials (you can't stop them), then do various attacks (at least Denial of service) against your mysql server. You don't want that.

Don't let the client connect directly to mysql at all, they need to go via a "middle tier" server. If they connect directly, they'll be able to get the credentials (you can't stop them), then do various attacks (at least Denial of service) against your mysql server. You don't want that.


If you use a real sql server such as Oracle you could possibly write an entire game server as a set of stored procedures, triggers, and restrictive schemas... This doesn't mean it's a good idea, though... (read as: DONT do it) :)
Advertisement

use a mysql proxy(like: DBServer) between your app and mysql database, then your app cannot get mysql info

NFrame - agile game server developing framework. Github:https://github.com/ketoo/NoahGameFrame

This topic is closed to new replies.

Advertisement