I wrote this script because of Question of safe data passing.... Keep in mind that it only an example and was not written as a script to use, but it would prolly work :)
If one was going to use this script or one like it, they most likly would want to chmod 400 the config file and chmod 6755 the wrapper script. Read Question of safe data passing... to under stand why I say this.
and the config### # dnswrapper.pl to transmit dsn lines (usernames,passwords) to applica +tions ### #!/usr/bin/perl use strict; use Storable qw(freeze); use vars qw($configfile %config $caller $dbi); $configfile="dsn.conf"; open(C,$configfile) || die("$!: $configfile"); while(<C>) {$config{$1}=$2 if(/^\[([^\[|^\]]+)\]=\[([^\[|^\]]+)\]/)} close(C); die("No DSN Line !\n") if (!exists $config{DSN}); die("No USER Line !\n") if (!exists $config{USER}); die("No CALLER Line !\n") if (!exists $config{CALLER}); die("What Iam my own parent !") if($$==getppid()); open(P,'/proc/'.getppid().'/cmdline') || die("$!: PARENT CMDLINE"); $caller=<P>; close(P); $caller=$1 if ($caller=~/^perl\0([^\0]+)/); if (getpwuid($<) eq $config{USER} and $caller eq $config{CALLER}) { print freeze({DSN=>$config{DSN}}); } else { die("Something went wroung !\n"); }
and my example caller script[USER]=[jason] [DSN]=[DBI:mysql:dbname;user=dbuser] [CALLER]=[/usr/local/bin/caller.pl]
#!/usr/bin/perl open(P,"perl ./dsnwrapper.pl|"); binmode(P); my($dsn)=${(thaw(join('',<P>)))[0]}{DSN}; close(P); my($dbh)=DBI->connect($dsn) || die(DBI->errstr);
|
|---|
| Replies are listed 'Best First'. | |
|---|---|
|
Re: DSN Wrapper for Secure DBI Passwords
by suaveant (Parson) on Apr 27, 2001 at 21:48 UTC | |
by lindex (Friar) on Apr 27, 2001 at 22:07 UTC |