Well... there isn't any secure way to keep your secrets private. You should also be aware that even if you somehow keep your secret away from your possibly-tinkering co-workers that the rest of the script is still open to modifications. In fact, while you could do all sorts of crazy things to obfuscate your secret (since it's impossible to hide) your tinkerer's could just modify the script to print the decoded secret just before it goes into DBI.

I think you have two problems - keeping your login secrets and keeping your code from being altered. You've only brought up the one so try to spend some time thinking on the second as well. I don't know what options you have in DOS for this but if you were on a Win32 I'd suggest you check out ActiveState's compiler and use a plain executable.

All I can think of is that you can use a source filter to encrypt or obfuscate your perl script and keep it from prying eyes. It's not perfect but it's about the only thing you can do. I suggest you read the perlfilter man page and then consider using something decent from CPAN like one of the Filter modules. The unfortunate part here is that now you've only abstracted your problem away one level. Instead of having readable source code including a secret you have encrypted source code and a very visible secret. The difference is that it's going to more difficult for someone who isn't already a perl hacker to do something useful with that.

It all comes down to how much effort you want to put into the problem and how much skill and effort your tinkerer's will be able to use.

No code example? Right. This is non-trivial and you'll have to find your own balancing point. If you just need something really trivial then why not just hex (ex: "password" eq "\160\141\163\163\167\157\162\162")encode the password or something. It's entirely obvious to any competent programmer what's going on but might appear magical to someone who isn't.

In reply to Re: Hiding DBI MySQL username and password values from win98 users by diotalevi
in thread Hiding DBI MySQL username and password values from win98 users by scratch

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.