PERL DBI exposing passwords on ps -ef

rakshas has asked for the wisdom of the Perl Monks concerning the following question:

I am able to connect to a database using the following

$dbh = DBI->connect ($dbname, $username, $password, { AutoCommit => 0 } );

However, when this script runs it exposes the password on ps -ef. I was looking into the PERL-DBI for options to supply "nolog" with no luck. Any help will be much appreciated.

Comment on PERL DBI exposing passwords on ps -ef

Replies are listed 'Best First'.
Re: PERL DBI exposing passwords on ps -ef by Corion (Patriarch) on Apr 02, 2012 at 17:20 UTC
Don't pass the password on the command line if you don't want it to show up in `ps -ef`. You could pass it through `%ENV` (see perlvar), but that may (or may not) be visible through `/proc/$$/env`. You could pass it through a file, but that might be readable for other users too. You could read it from STDIN, but that will require a person to feed the information to the script. You could set up your database connection to not require a password for the given user. You could look at whether setting `$0` (see perlvar, again) makes the password disappear from `ps -ef` on your OS. All approaches have benefits and drawbacks.	[reply] [d/l] [select]
Re^2: PERL DBI exposing passwords on ps -ef by rakshas (Novice) on Apr 02, 2012 at 17:32 UTC
Thank you for your reply. I am passing the password from a another perl module(Bad idea) but for now that is how the setup looks.	[reply]
Re: PERL DBI exposing passwords on ps -ef by erix (Prior) on Apr 02, 2012 at 17:18 UTC
Can you say what database system, and what DBD? And what OS?	[reply]
Re^2: PERL DBI exposing passwords on ps -ef by rakshas (Novice) on Apr 02, 2012 at 17:21 UTC
OS : Unix , DBD : dbi:Oracle Thanks!!!	[reply]