If the compiled scripts are on an unsecured machine, meaning anyone can have access to it, then nothing you do is secure. Anyone with a little perseverance will be able to retrieve your passwords.
On the other hand if the compiled scripts are on a computer to which only trusted people have access, what is there to fear?
Even the suggestion to keep the log-in IDs and passwords in a config file, stored away in a secure location gives only a false sense of security. Once you know the name and location of the config file (and one can retrieve that info from any file which accesses the database through the "config" trick) you can write your own script which uses the same access method.
The only secure way is to prevent access to any script or program which makes a connection to the database. So, put your computers away in a safe server room and isolate them from the network, so neither physical access nor network access is possible but for trusted people.
CountZero
A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James
In reply to Re: hiding database passwords
by CountZero
in thread hiding database passwords
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |