Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

DSN Wrapper for Secure DBI Passwords

by lindex (Friar)
on Apr 27, 2001 at 21:10 UTC ( #76172=snippet: print w/replies, xml ) Need Help??
Description:

I wrote this script because of Question of safe data passing.... Keep in mind that it only an example and was not written as a script to use, but it would prolly work :)

Read Question of safe data passing... for more details.


###
# dnswrapper.pl to transmit dsn lines (usernames,passwords) to applica
+tions
###

#!/usr/bin/perl

use strict;
use Storable qw(freeze);
use vars qw($configfile %config $caller $dbi);

$configfile="dsn.conf";

open(C,$configfile) || die("$!: $configfile");
while(<C>) {$config{$1}=$2 if(/^\[([^\[|^\]]+)\]=\[([^\[|^\]]+)\]/)}
close(C);

die("No DSN Line !\n") if (!exists $config{DSN});
die("No USER Line !\n") if (!exists $config{USER});
die("No CALLER Line !\n") if (!exists $config{CALLER});
die("What Iam my own parent !") if($$==getppid());

open(P,'/proc/'.getppid().'/cmdline') || die("$!: PARENT CMDLINE");
$caller=<P>;
close(P);

$caller=$1 if ($caller=~/^perl\0([^\0]+)/);

if (getpwuid($<) eq $config{USER} and $caller eq $config{CALLER}) {
        print freeze({DSN=>$config{DSN}});
} else {
        die("Something went wroung !\n");
}

and the config
[USER]=[unixuser]
[DSN]=[DBI:mysql:dbname;user=dbuser]
[CALLER]=[/usr/local/bin/caller.pl]
and my example caller script
#!/usr/bin/perl

open(P,"perl ./dsnwrapper.pl|");
binmode(P);
my($dsn)=${(thaw(join('',<P>)))[0]}{DSN};
close(P);
my($dbh)=DBI->connect($dsn) || die(DBI->errstr);
Replies are listed 'Best First'.
Re: DSN Wrapper for Secure DBI Passwords
by suaveant (Parson) on Apr 27, 2001 at 21:48 UTC
    As far as I can tell, if the script calling it sets $0 it completely wrecks this mode of authentication...
                    - Ant
      errm forgot that /proc/pid/cmdline is $0... will fix..


      lindex
      /****************************/ jason@gost.net, wh@ckz.org http://jason.gost.net /*****************************/
Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: snippet [id://76172]
help
Chatterbox?
[choroba]: Yeah, let's ban dot in INC, but add glob to it!
[Corion]: choroba: Well, at least the above is user-defined, not implicitly by Perl ;)
LanX globalization is evil! Lets Perlxit!
[stevieb]: "Yeah, let's ban dot in INC, but add glob to it!" LOL!!!

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (14)
As of 2017-01-19 15:40 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you watch meteor showers?




    Results (170 votes). Check out past polls.