LinuxQuestions.org
Old 05-26-2006, 12:51 AM   #1
ahelis
LQ Newbie
 
Registered: Dec 2005
Location: Taipei, Taiwan
Distribution: Redhat 7.0 & WS3,4
Posts: 18

Rep: Reputation: 0
PHP GnuPG encryption/decryption on a production webserver


Hi all,

I did search on this topic and found a troubleshooting thread (hence I used a similar subject line), but my question is to those running a production webserver.

I am reviewing a few PHP classes that use the native gpg file as installed on a Linux webserver. I am building an email application and would like to use the public key infrastructure. Common locations for this binary executable are /usr/local/bin/gpg and /usr/bin/gpg but it has been my understanding to never allow a script (PHP in this case) to access a file outside of the public root directory for the webserver.

1. Can using this binary executable be exploited and be a security risk?
2. Can the binary be simply copied into a /scripts/ folder inside the webserver's root directory without compromising the server's security?

I have been researching encryption methods and techniques but I am not sure that developing an encryption scheme is the right choice. It seems that encryption is built into every Linux box out there and there should be an easy way to use what already exists and apply it in a production web application.

If this is the totally wrong approach, then what are other suggestions for open source encryption php software/libraries (for email & text) as used on Apache webservers?
 
Old 05-27-2006, 04:47 PM   #2
msound
Member
 
Registered: Jun 2003
Location: SoCal
Distribution: CentOS
Posts: 465

Rep: Reputation: 30
I actually store all of my really important data outside of the document root. That way the only way it can be accessed is through my PHP scripts. With all of the web crawlers out there I just don't trust keeping highly confidential data in my document root, even with htaccess.

As for encryption on an apache webserver, why not just run your site over https?
 
Old 05-28-2006, 12:14 AM   #3
ahelis
LQ Newbie
 
Registered: Dec 2005
Location: Taipei, Taiwan
Distribution: Redhat 7.0 & WS3,4
Posts: 18

Original Poster
Rep: Reputation: 0
Hi msound,

Thanks for the feedback. I will try moving the bin file to one folder just above the document root and then access it through my script. I already use https to log into my application, but I need to further encrypt the message data while it is stored on the server and during transmission to the intended recipient. From what I have been reading regarding GnuPG, I can also use it to manage the keyring and remove/add keys when a user wants to change their security at some regular interval. All that I will need to do then is add a method to decrypt saved messages using the old key, encrypt with the new key and then discard the old key altogether.
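One way to call the system gpg from PHP with the binary left at /usr/bin/gpg and the keyring kept outside the document root, shown as an added example that is not code from any poster in this thread. The keyring path, the function name and the sample fingerprint are assumptions, and the array form of `proc_open` needs PHP 7.4 or later.

```php
<?php
// Added example. GPG_HOME and gpg_encrypt() are hypothetical names; adjust to the host.
const GPG_BIN  = '/usr/bin/gpg';           // system binary, left where the package installed it
const GPG_HOME = '/var/www/private/gnupg'; // keyring dir outside the document root, mode 0700

function gpg_encrypt(string $plaintext, string $fingerprint): string
{
    // Accept only a full 40-hex fingerprint so request data can never be parsed as a gpg option.
    if (!preg_match('/\A[0-9A-Fa-f]{40}\z/', $fingerprint)) {
        throw new InvalidArgumentException('recipient must be a 40-hex-digit key fingerprint');
    }
    // Array form (PHP 7.4+) executes gpg directly: no shell, so nothing to escape or inject into.
    $cmd = [GPG_BIN, '--homedir', GPG_HOME, '--batch', '--no-tty', '--armor',
            '--trust-model', 'always', // assumes every key in this keyring was vetted at import
            '--recipient', $fingerprint, '--encrypt'];
    // stdout/stderr go to temp files so a large message cannot deadlock on full pipes;
    // only ciphertext and diagnostics touch disk, the plaintext travels over stdin.
    $out = tmpfile();
    $err = tmpfile();
    $proc = proc_open($cmd, [0 => ['pipe', 'r'], 1 => $out, 2 => $err], $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start gpg');
    }
    fwrite($pipes[0], $plaintext);
    fclose($pipes[0]);               // EOF tells gpg the message is complete
    $status = proc_close($proc);     // waits for gpg and returns its exit code
    rewind($out);
    rewind($err);
    if ($status !== 0) {
        throw new RuntimeException('gpg failed: ' . trim(stream_get_contents($err)));
    }
    return stream_get_contents($out);
}

// Constructed sample call; the fingerprint is a placeholder, not a real key.
// echo gpg_encrypt("Message body\n", '0123456789ABCDEF0123456789ABCDEF01234567');
```

The web server account needs execute permission on the binary and read/write access to the keyring directory only; neither has to be reachable by URL.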
 
  

