memcached in not so friendly environment

Reinis Rozitis roze at roze.lv
Thu Feb 8 20:07:57 UTC 2007 

Use sockets (only limitation is that memcache must reside on the same
host/box as the php).
Launch multiple memcaches processes and give each user read/write acces to
only one particular socket, that way they can't connect to another MC
instance. By doing this you can also limit how much memory each user can
use.

If you add some auth layer inbetween in my opinion the whole idea of
ultra-fast data reading probably will be lost..

rr


----- Original Message ----- 
From: Milos Prodanovic
To: memcached at lists.danga.com
Sent: Thursday, February 08, 2007 12:37 PM
Subject: memcached in not so friendly environment


Hello,


I'm planning to use memcached in mass hosting environment. In general that
would say that any php user can access data
that is stored in memcached, even if this memcached data is only for hosting
platform use. Common usage of memcached is in friendly
environment, where you hold strings, application, network and other
resources, and there is no user application allowed.
I need to protect access to memcached. Firewall is not an option, hidden
interfaces and private networks can be scanned, and other obscurity ways are
not option.

I've read memcached list discussion on authentication. There are few
possibilities that I can think of:
a) Restrict memcached to accept conections from TCP port that is less than
1024, that would be quite fast solution, and it's based on fact that you are
the only one with root account on client side.
b) crypt and sign data (content) stored on memcache, so even if users get
access to memcached they can't poison data but they can exhaust memory :(
c) implement authenticaiton (exact way should be discussed)
d) secure transport (includes authentication - already suggeste on list and
done)
e) put some kind of tcp wrapper in front of memcached,and let tcp wrapper
handle authentication

Maybe someone has already nice working solution ?

I've understood that authentication was proposed more than once, and it was
rejected protecting memcached performance.
One sent url with encrypted memcached (TLS). It's easy to implement
authentication as private patch, but there is no sense
if it's not accepted as patch in main memcached code.

If using memcached in not so friendly environment  is not so frequent,  then
private patch is the best scenario.
If this is not so rare case of memcached usage, let's discuss authentication
once again.

What do you think ?


Kind Regards

Milos

More information about the memcached mailing list