Re: hiding username/password in database scripts


Problems? Is your data what you think it is?
	PerlMonks

Re: hiding username/password in database scripts

by gam3 (Curate)

on Jan 13, 2008 at 15:10 UTC ( [id://662186]=note: print w/replies, xml )

Need Help??

in reply to hiding username/password in database scripts

I looked through the threads that were listed here and did not see any discussion of storing keys in memory.
In this system you start a daemon that requires a password. That daemon can then be used to retrieve the password for the database. There are 2 commonly used examples of this approach, ssh-agent and gpg-agent and it is possible that you could use gpg-agent.
Certainly this is not totally safe, but much safer than having the password on the harddisk. The password itself is only in memory for a short time and the key is sitting at some (hopefully) unknown place in memory.

The down side is -- Just like if a password protected ssl key with apache -- you have to type in a password each time the daemon is started.

-- gam3
A picture is worth a thousand words, but takes 200K.

Comment on Re: hiding username/password in database scripts

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://662186]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others studying the Monastery: (3)

As of 2024-04-20 05:47 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found