Re: directory and file access for modules containing sensitive information


Do you know where your variables are?
	PerlMonks

Re: directory and file access for modules containing sensitive information

by bigmacbear (Monk)

on Jul 28, 2004 at 15:49 UTC ( [id://378079]=note: print w/replies, xml )

Need Help??

in reply to directory and file access for modules containing sensitive information

Gee, I was just about to ask a very similar question. I will be most interested in what the other monks have to say.

I will add that putting sensitive information within a module's source is a really, really bad idea. Any user of the system can run 'perldoc -m' and get the full source code of the module, in which case 'all your password are belong to us'. :-(

My question is, would it be a good idea to put the sensitive information in a separate file in the directory alongside the module, use "do" to slurp it in, and restrict permissions accordingly -- or would it be safer to put that information somewhere outside the perl library tree entirely, such as /etc (or /usr/local/etc)? I would think putting these things outside the Perl library tree will wreak havoc on the build process, though.

Comment on Re: directory and file access for modules containing sensitive information

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://378079]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others scrutinizing the Monastery: (6)

As of 2024-04-23 17:20 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found