Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re: best way to store login information for a perl script?

by GrandFather (Cardinal)
on Jul 04, 2009 at 05:25 UTC ( #777177=note: print w/ replies, xml ) Need Help??


in reply to best way to store login information for a perl script?

Pass the data on the command line then set up a short cut or similar that runs the script and passes in the sensitive data.


True laziness is hard work


Comment on Re: best way to store login information for a perl script?
Re^2: best way to store login information for a perl script?
by dsheroh (Parson) on Jul 04, 2009 at 09:28 UTC
    Passing sensitive data on the command line raises its own set of security issues under any environment which maintains a command-line history, as someone with access to the account from which it was run will be able to gather the login credentials by going back through the history.

    On multi-user unix-type systems, the ps or w commands can also be used to see currently-executing processes along with the command line used to start each - including any information passed on the command line - which has the potential to leak your credentials to other users on the machine without requiring them to first compromise your account. (Some admins will have the system secured such that you can't view other users' process information, but the general default is for it to be visible.)

    Setting up a shortcut or short script which contains the credentials and passes them on for you will solve these issues (since you're no longer putting the credentials on the command line), but it's essentially just creating a mini config file containing them, so why not just put them into a proper config file in the first place, as YourMother said? Just remember to make the config file readable only by the appropriate user (and optionally include code in the program consuming the config file which complains about and/or refuses to read the config file if it's more widely readable or writable).

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://777177]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (8)
As of 2014-07-24 06:52 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (158 votes), past polls