The otherday, I discovered a security issue that is pretty obvious but which I had not considered before. I was running a perl script on my linux box as a privelaged user while also logged on as an unprivelaged user. I needed to kill a process. So I did ps aux to discover the pid. Well I noticed that in this output I was looking at the command line of the script running under my other login which was happy to share its password for all to see.
Got me to thinking of how many scripts I have wrote that used something like the following code:
#!/usr/bin/perl -w use strict; my $username = shift; my $password = shift; do_something($username,$password); sub do_something { my ($user,$pass) = @_; print "USER: $user\nPASS: $pass\n\n"; }
I cant think of how many simple scripts I have written that use this simple method of getting a username and password. It's hard to not write something like this because its easy to write and easy to use. Almost all of my web scripts I use to download my current bank statements, or download mail, etc use this method. 98% of these scripts I run on my home machine which for all purposes is a single user machine so it is not a big issues that the password from the command line is displayed. But on a multi-user system would be something to be concerned about and possibly overlooked.
So this gets me to thinking.. What is the best way to handle passwords or semi-secure data like this. The following are my ideas.
Read the data from <STDIN> and disable the screen echo for the password. This works effectively but has the side effect that it requires someone to type in the password making unusable for automated scripts run by cron or from other scripts.
#!/usr/bin/perl -w use strict; my ($user, $pass) = get_password (); do_something ($user,$pass); sub do_something { my ($user,$pass) = @_; print "\nUSER: $user\nPASS: $pass\n"; } sub get_password { $ENV{'PATH'} = "/bin:/usr/bin"; print "Username: "; my $username = <STDIN>; chomp $username; print "Password: "; system ('stty -echo'); my $password = <STDIN>; system ('stty echo'); print "\n\n"; return ($username,$password); }
Another solution would be to have a config file containing the username and password in the users home directory which is only readable by the user. This would enable the script to be run safely and automated. However this requires an additional config file for each user who runs the program.
#!/usr/bin/perl -w use strict; my ($user,$pass) = get_secret(); do_something($user,$pass) if ($user) && ($pass); sub do_something { my ($user,$pass) = @_; print "USER: $user\nPASS: $pass\n\n"; } sub get_secret { my $config = $ENV{'HOME'} . '/.passwd3'; if (-e $config) { my ($pass,$user); my $perms = (stat ($config))[2] & 07777; die "ERROR: File permissions not 700.\n" unless $perms == 0700; open INP, $config or die "ERROR: Couldn't open file: $!\n"; chomp ($user = <INP>); chomp ($pass = <INP>); close(INP); return($user,$pass); }else{ die "ERROR: No config file.\n"; } }
What do you do!?
THANKS!
zzSPECTREz
In reply to Handling passwords and sensitive data by zzspectrez
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |