Problems? Is your data what you think it is? | |
PerlMonks |
Re: hiding username/password in database scriptsby gam3 (Curate) |
on Jan 13, 2008 at 15:10 UTC ( [id://662186]=note: print w/replies, xml ) | Need Help?? |
I looked through the threads that were listed here and did not see any discussion of storing keys in memory. In this system you start a daemon that requires a password. That daemon can then be used to retrieve the password for the database. There are 2 commonly used examples of this approach, ssh-agent and gpg-agent and it is possible that you could use gpg-agent. Certainly this is not totally safe, but much safer than having the password on the harddisk. The password itself is only in memory for a short time and the key is sitting at some (hopefully) unknown place in memory. The down side is -- Just like if a password protected ssl key with apache -- you have to type in a password each time the daemon is started.
-- gam3 A picture is worth a thousand words, but takes 200K.
In Section
Seekers of Perl Wisdom
|
|