http://qs1969.pair.com?node_id=189178


in reply to Adding a bit of security to Cache::FileCache

I'm not concerned with my scripts writing to the same namespace, it's more of a concern of a not-so-ethical user creating a script to write to the shared namespace.

I'm fully aware of the usage of FileCache, I'm using it to share data between two separate processes. I have one 'always-running' process that reads,resets,and acts upon "flags" created by separate 'short-running' scripts.

-Nitrox

Replies are listed 'Best First'.
Re^2: Adding a bit of security to Cache::FileCache
by whereiskurt (Friar) on Jul 20, 2007 at 13:07 UTC

    Nitrox:

    I'm liking this thread, and it was interesting to hear why you are using File::Cache. Just a couple of things:

    1. Create a group for your 'short running scripts' and long running daemon to be a part of (this is probably possible in Win32 :).) Have the File::Cache write it's hierarchy to a place where only people in the group can read/write.
    2. Use a key, and encrypt the cache values. If you don't care if people can read through your keys, then this can add a smidge of integrity. That is, agree on a 'password' for all data being written to the key and then use an symmetric Crypt:: module.

    Hope that's helpful...Good luck!

    By the way, did you notice that on the File::Cache actually recomends using Cache::Cache instead? Hm...

    Kurt

Re^2: Adding a bit of security to Cache::FileCache
by kingkongrevenge (Scribe) on Jul 19, 2007 at 16:06 UTC
    umask sounds like the way to go. Just make sure your process runs under an account others can't login to.