develooper Front page | perl.perl6.language | Postings from July 2005

Re: DBI v2 - The Plan and How You Can Help

Thread Previous | Thread Next
From:
Steve Sapovits
Date:
July 6, 2005 01:17
Subject:
Re: DBI v2 - The Plan and How You Can Help
Message ID:
42CB6C91.3060106@comcast.net
Maxim Sloyko wrote:

> I don't think this solves the problem, because what I usually want is 
> the user to be able to use the application, but unable to see the DB 
> password. So the user should have "read" permission set for the file, 
> but on the other hand he shouldn't. It's not not a problem for Web App, 
> though.

Storing passwords encrypted, decrypting before using doesn't cover this?
I've played around with Crypt::CBC (and different ciphers) for this sort
of thing but admittedly have not applied this to any production systems
yet.  You still have a key somewhere to hide/obscure.  You can also use
Perl source filters to totally encrypt the source -- something else I've
done but not in production.  Just some things you may want to look at ...

-- 
Steve Sapovits  steves06@comcast.net

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About