Add readme and Licence file for completion.

This commit is contained in:
Christos Choutouridis 2026-01-12 12:43:07 +02:00
parent 9a971a17ad
commit e4ae5d5ce6
2 changed files with 141 additions and 0 deletions

passman-dev/LICENCE Normal file

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2026 Christos Choutouridis <cchoutou@ece.auth.gr>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

passman-dev/Readme.md Normal file

@ -0,0 +1,120 @@
# Password Manager Security Assignment
## About
This repository contains an improved and secured version of a simplified web-based password manager.
The project was developed in the context of a university assignment on Aristotle's University of Thessaloniki(AUTh) Information Systems Security class.
The original application intentionally contained multiple security vulnerabilities.
The purpose of this work was to identify, analyze, and mitigate these vulnerabilities using well-established security practices.
The application is implemented in PHP and uses a MySQL database for data storage.
The deployment is fully containerized using Docker and Docker Compose, ensuring reproducibility and ease of execution across different operating systems.
---
## Architecture Overview
The application is deployed as a multi-container system.
Each component has a clearly defined role and responsibility.
All services are isolated and communicate only through Docker-managed networks.
---
## Components
### Web Application (PHP)
The web service hosts the PHP-based password manager application.
It is responsible for:
- User authentication and session handling
- Secure storage and retrieval of credentials
- Input validation and output sanitization
- Interaction with the database through restricted credentials
The PHP application runs inside its own container and does not expose any ports directly to the host system.
---
### Database (MySQL)
The database service provides persistent storage for:
- User accounts
- Stored credentials
- Application data
Security improvements include:
- Use of a dedicated database user with limited privileges
- Separation of database credentials via environment variables
- Isolation of the database service from direct external access
---
### Reverse Proxy and HTTPS (Caddy)
Caddy is used as a reverse proxy in front of the web application.
It provides:
- Automatic HTTP to HTTPS redirection
- Internal TLS certificate generation
- Secure termination of HTTPS connections
- Optional security-related HTTP headers
All external access to the application is handled exclusively by Caddy.
---
## Deployment Instructions
The deployment process is identical for Linux and Windows.
The only requirement is a working Docker installation.
---
## Prerequisites
- Docker
- Docker Compose (included in modern Docker installations)
No additional software such as Apache, PHP, or MySQL is required on the host system.
---
## Deployment on Linux
1. Open a terminal.
2. Navigate to the project directory containing `docker-compose.yml`.
3. Run the following command:
```bash
docker compose up -d --build
```
4. Wait until all containers are built and started.
5. Access the application through your browser using: https://localhost
## Deployment on Windows
1. Install Docker Desktop for Windows.
2. Ensure that WSL2 is enabled (Docker Desktop will guide you automatically).
3. Open PowerShell or Command Prompt.
4. Navigate to the project directory containing docker-compose.yml.
5. Run the following command:
```bash
docker compose up -d --build
```
6. Once the containers are running, open a browser and navigate to: https://localhost
## Notes on Reproducibility
The use of Docker ensures that:
- The application behaves identically on all supported operating systems
- No manual configuration of web servers or databases is required
- Environment-specific issues are minimized
This approach allows evaluators to focus on the security aspects of the application rather than deployment complexity.
## Disclaimer
This project was developed solely for educational purposes.
It is provided "as is", without any express or implied warranties.
The author assumes no responsibility for any misuse, data loss, security incidents, or damages resulting from the use of this software.
This implementation should not be used in production environments.
All work, modifications, and security improvements are the sole responsibility of the author.
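Review bot: the Readme asserts the hardening properties an evaluator is meant to check ("Use of a dedicated database user with limited privileges", "Separation of database credentials via environment variables", "Internal TLS certificate generation") but never says where in the repository each one lives or how to confirm it, so the "Components" section reads as claims rather than documentation. Please point each bullet at its source (the Caddyfile, the service definitions in `docker-compose.yml`, the env file the compose file reads, and the SQL that creates the restricted MySQL user), list the environment variables that must be set before `docker compose up -d --build` and whether a template for them ships with the repo, and name the "Optional security-related HTTP headers" actually emitted. Two further gaps in the deployment steps: because Caddy issues the certificate from its own internal CA, the browser will warn when opening `https://localhost` unless that root is trusted, and the steps should say so rather than leaving evaluators to assume the setup is broken; and a one-line check such as `docker compose ps` showing that only Caddy publishes ports would back the statement that the PHP and MySQL containers "do not expose any ports directly to the host system". Minor: "Aristotle's University of Thessaloniki(AUTh)" should read "Aristotle University of Thessaloniki (AUTh)", and the Windows steps should fence `docker-compose.yml` in backticks as the Linux steps do.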