Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

comment on
( [id://3333]=superdoc: print w/replies, xml ) Need Help??
sections in the config file to store sensitive content that must be encrypted ie the connection string and must be decrypted by the application.

This may give you a warm fuzzy feeling that you have used encryption and so everything simply just must be safe.

But this is just a little annoyance for anyone trying to get the data: The application must contain the decryption code, and it must contain the decryption key. Both can be extracted, and with the addition of a few simple print statements, you can see the "protected" information in plain text. If the decryption code is burried in the runtime environment, things become even easier for an attacker: Just find the key, call the runtime environment's decryption routine in your own ten line script, and print what it returns when processing the "protected" information.

Oh, and I almost forgot: How does it help to encrypt information in a config file that are afterwards transmitted in clear through the network, e.g. when connecting to a MySQL or FTP server?

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

In reply to Re^2: Where should I have configuration information in a file or database by afoken
in thread Where should I have configuration information in a file or database by vinoth.ree

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":


  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others sharing their wisdom with the Monastery: (6)
As of 2024-04-23 17:32 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found