I already asked this question... but from the responses I got (Hiding the pass in a DBI script) and research I did, I found that I didn't exactly get the answer I wanted, so I will ask again in a different style.

The question is about DBI, and having passwords in the script. It seems a bit of a problem for bigger systems. If you have a perl system script and want to allow users to use it, they need read priviledges, which allows them to see the password, yes?

Someone mentioned the DBIx modules, which almost do what you want, but not really, since they don't prevent other users from using your virtual user in the same way, and still having access to the database.

So I am wondering if we perl monks in all our glorious perl light can come up with something (other than suid wrappers for the perl script, which would work... but is overkill and possibly a security hole) to fix this. I thought of a system to request the password from another program, based on the script location... I.E. /usr/bin/foo may access this password, but no one else... unfortunately, I can't seem to find a foolproof way for verifying the name of a script.
Does anyone else have ideas? It seems like a valid project, and if it could be implemented right, it could have uses in other places as well...

Of course, I may also be missing some fundamentally simple solution, too, but I'll never know until I ask, will I?
                TIA - Ant

In reply to Hiding passwords in scripts... by suaveant

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.