[use DBI] - how to improve security in perl script (

[use DBI] - how to improve security in perl script (

am 17.05.2011 23:46:26 von hye-jin.woo

Do you know how to improve security on perl?
Do you know how to encrypt the ID and PW in perl
Specious guy can get ID and PW in perl script.

I have been making the script to get DB healthcheck info about 20 DB server=
s everyday.

I use DBI module.

But, I have to enter id and pw in perl script.(example below)
It make security weak.


Thank you in advance


use strict;
use DBI;

##################### DBI configuration ########################
my $hostip =3D "127.0.0.1";
my $username =3D "hr"; <- how to encrypt id
my $password =3D "hr"; <- how to encrypt pw
my $sid =3D "orcl";
my $dsn =3D "DBI:Oracle:host=3D$hostip;sid=3D$sid";
my %attr =3D ( RaiseError =3D> 1, AutoCommit =3D> 0 );

# howto 1
my $dbh =3D DBI->connect ($dsn, $username, $password, \%attr) || die "Datab=
ase connection not mode : $DBI::errstr";
# howto 2
#my $dbh =3D DBI->connect ("DBI:Oracle:host=3D$hostip;sid=3D$sid", $usernam=
e, $password, \%attr);

my $que =3D "select * from jobs";
my $i1;

my $cursor =3D $dbh->selectall_arrayref($que);
for (@$cursor) {
print "@{$_} \n";
}

$dbh->disconnect;

##################### DBI configuration ########################



--
To unsubscribe, e-mail: beginners-unsubscribe@perl.org
For additional commands, e-mail: beginners-help@perl.org
http://learn.perl.org/

Re: [use DBI] - how to improve security in perl script (

am 18.05.2011 10:49:02 von Pete Smith

On 17/05/11 22:46, Woo, Hye Jin wrote:
> But, I have to enter id and pw in perl script.(example below)
> It make security weak.

If you make sure the script is only readable by the user executing it
then only they will be able to see the password.

Alternatively, on a *NIX system, store the password in a configuration
file (and use something like Config::General to load it) which is only
readable by a secured user. You can then setuid [1] the script to
execute as that user - however, take note of any security issues this
might infer.

Cheers,
Pete

[1] http://en.wikipedia.org/wiki/Setuid

NET-A-PORTER.COM
Irresistible fashion at your fingertips

____________________________________________________________ __________

CONFIDENTIALITY NOTICE
The information in this email is confidential and is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, you must not read, use or disseminate the information. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Net a Porter Ltd.

Net A Porter Ltd is a company registered in England & Wales Number: 3820604 Registered Office: 1 The Village Offices, Westfield, Ariel Way, London, W12 7GF
____________________________________________________________ _________

--
To unsubscribe, e-mail: beginners-unsubscribe@perl.org
For additional commands, e-mail: beginners-help@perl.org
http://learn.perl.org/