when this number is stored in the variable how long is it stored in the system memory? Is there any way to prevent this from happening?
ummm ... errr ... no.
Seriously, if it's in a variable, it's in system memory. And it will be in memory, theoretically, until the end of its scope (possibly until the end of the process or, depending on how you've configured your system and what happens to the process, possibly forever in a core dump).
This is why you have to take a "layered" approach to security.
- batten down the web server, don't run it as root and whatever user you run it as, ensure others in that group are trustworthy
- batten down the os, make sure all security patches are applied in a timely fashion.
- batten down your network, make sure your firewalls are configured correctly
- batten down your people - if you can't trust them ...
then stop worrying ... or worry less.
-derby
update: I forgot:
0. batten down your app. Ensure you use the correct scope and handle faulty input (including signals) correctly.
another update: Just saw a review of this on slashdot ... may be worth the buy.
After using $cc, you might want to do something like this:
$cc = "1234123412341234";
Make sure this makes $cc as many bytes as it did before. At least after this action the number cannot be retrieved.
In a dynamic GC-based system, the bits forming the cc number could indeed hang around much longer than the variable itself, and even get swapped to disk. A program that gained read-only access to memory or swapfile could scan for sequences that look like cc numbers and have a valid checksum, and might get lucky.
Obviously, storing it in more obfuscated form isn't quite enough, if it will be decoded before use. To make it work, you must not fully decode it! But, what are you doing with the number? You send it out the file handle one digit at a time. So, you could programmatically extract the first digit and send it, then the second and send it, etc. and never have the full thing stored in a Perl variable (socket buffers and such are another story, and a more general problem).
So, you could store the digits in an array or hash instead of a scalar string, and then it will already be scrambled when the memory is released, and not findable using the simple method discussed above.
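The two ideas above (overwrite the scalar with same-length filler, and keep the number as one digit per element so no single variable ever holds it) combined into one Perl sketch. This is an added example, not code from the thread; the card value is constructed and fake, and the scrubbing is best-effort because Perl may still leave temporaries or I/O buffer copies that this does not reach.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample value for the demonstration; not a real card number.
my $cc = "4111111111111111";

# One digit per array element, so after $cc is scrubbed no single SV
# holds the whole number in a form a simple memory scan would match.
my @digits = split //, $cc;

# Scrub the original scalar in place. Four-argument substr with a
# same-length replacement writes into the existing buffer instead of
# allocating a new string, so the old bytes are overwritten rather than
# merely orphaned when the SV is freed. Then release the variable.
substr($cc, 0, length($cc), '0' x length($cc));
undef $cc;

# Send the number one digit at a time; the receiving side reassembles.
# (PerlIO and socket buffers may still hold a contiguous copy; that is
# the "another story" the post mentions.)
sub send_digits {
    my ($fh, $digits) = @_;
    print {$fh} $_ for @$digits;
    print {$fh} "\n";
}

# Overwrite every element in place before emptying the array, so the
# freed one-character buffers no longer carry the digits either.
sub scrub_digits {
    my ($digits) = @_;
    substr($_, 0, 1, '0') for @$digits;   # $_ aliases each element
    @$digits = ();
}

send_digits(\*STDOUT, \@digits);
scrub_digits(\@digits);
```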