develooper Front page | perl.perl6.language | Postings from July 2005

Re: DBI v2 - The Plan and How You Can Help

Thread Previous | Thread Next
Jared Still
July 8, 2005 02:56
Re: DBI v2 - The Plan and How You Can Help
Message ID:
I use a (Perl) password server for this.

Passwords are stored encrypted in a configuration file.

Clients authenticate with the server, and receive a requested
password (encrypted) across the network, if the client is

The user authentication is rudimentary, but it works.
SSH certificates would be better, just need to do it.


On Mon, 2005-07-04 at 22:21, Maxim Sloyko wrote:
> Sam Vilain wrote:
> > 
> > However, making it in a file in $HOME/.xxx means that the sysadmin can
> > set it up to be mode 400 or something like that, to ensure other users
> > can't access it if someone forgot to set the permissions right on the
> > application code (or, hopefully, configuration file).
> > 
> I don't think this solves the problem, because what I usually want is 
> the user to be able to use the application, but unable to see the DB 
> password. So the user should have "read" permission set for the file, 
> but on the other hand he shouldn't. It's not not a problem for Web App, 
> though.
> --
> Maxim Sloyko

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About