Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Re^3: Perl Setuid - Oracle Password Hardcoding

by JavaFan (Canon)
on Nov 17, 2011 at 00:41 UTC ( #938498=note: print w/replies, xml ) Need Help??

in reply to Re^2: Perl Setuid - Oracle Password Hardcoding
in thread Perl Setuid - Oracle Password Hardcoding

Considering that the OP is talking about an application server, it looks to me this is a standard production security policy, not something to pester developers with. It's not a measure to defend against internal attacks*, but to prevent escalation after an intrusion. Of course, the script should be non-modifiable.

*Although with some effort, it can help to protect against insiders wearing a black hat.

  • Comment on Re^3: Perl Setuid - Oracle Password Hardcoding

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://938498]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (1)
As of 2017-12-14 02:40 GMT
Find Nodes?
    Voting Booth?
    What programming language do you hate the most?

    Results (383 votes). Check out past polls.