Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re: How can a script use a password without making the password visible?

by CountZero (Bishop)
on Mar 02, 2017 at 07:34 UTC ( #1183358=note: print w/replies, xml ) Need Help??


in reply to How can a script use a password without making the password visible?

If the coder has enough access rights to edit the script, he has access to the credentials needed to access the external pasword storage and/or he can edit the script to expose the pasword.

CountZero

A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

My blog: Imperial Deltronics
  • Comment on Re: How can a script use a password without making the password visible?

Replies are listed 'Best First'.
Re^2: How can a script use a password without making the password visible?
by afoken (Abbot) on Mar 02, 2017 at 08:41 UTC
    If the coder has enough access rights to edit the script, he has access to the credentials needed to access the external pasword storage and/or he can edit the script to expose the pasword.

    Write access is not needed, read access is sufficient: Just copy the script, modify the copy, run the copy.

    Alexander

    --
    Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
      Reading and local editing is not enough. He must be able to write the edited script on the system where he found it in order to have it run there.

      CountZero

      A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

      My blog: Imperial Deltronics

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1183358]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (8)
As of 2019-04-22 16:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I am most likely to install a new module from CPAN if:
















    Results (112 votes). Check out past polls.

    Notices?