develooper Front page | perl.perl6.language | Postings from July 2005

Re: DBI v2 - The Plan and How You Can Help

Thread Previous
Dean Arnold
July 4, 2005 16:42
Re: DBI v2 - The Plan and How You Can Help
Message ID:
Richard Nuttall wrote:
>>   - support for automatically pulling database DSN information from a
>>     ~/.dbi (or similar) file.  This is constantly re-invented poorly.
>>     Let's just do a connect by logical application name and let the
>>     SysAdmins sort out which DB that connects to, in a standard way.
> This reminds me one one thing I hate about DB access, and that is having 
> the DB password
> stored in plain text.
> Of course there are ways to provide some concealment, but nothing 
> particularly good or
> integrated into the access.
> If the "connecting by logical application name" could also include some 
> level of security
> access, that would be a big improvement.
> R.

Which is why major DBMSs are increasingly relying on SSO
based solutions. (e.g., Kerberos/LDAP authentication).
Not certain if DBI is the proper level to implement that,
(probably needs to be down at the DBD <=> DBMS level).
And "in a standard way" may still be wishful thinking.

Also, I'm not sold on the idea that a ~/.dbi file is particularly
secure in that regard. Not neccesarily opposed, just not convinced
its the right solution. (I don't like cleartext passwords either,
but due to the variance in DBMS's authentication methods, I don't know if
DBI can solve that problem).

- Dean

Thread Previous Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About