Welcome to the Monastery | |
PerlMonks |
Re: Accessing passwords in a scriptby cbeckley (Curate) |
on Mar 26, 2017 at 14:17 UTC ( [id://1185984]=note: print w/replies, xml ) | Need Help?? |
The most important consideration may be, what do the auditors accept? Auditors do not like text files. Period.
Auditors are mostly ok with public/private key pairs.
As an Oracle DBA, and familiar with the wallet, it makes no sense to me that Oracle wallet is ok, but a read only text file is not. A hacker needs to crack Oracle to get access to the config file, and once they're Oracle, the wallet is theirs to toy with. As is the database ... as are the private keys ... that text file is the least of your problems ... Whatever you do, don't let the auditors, or the people in your organization who's only job is to handle the auditors, know that you're pondering security considerations, lest every decision you make for the next four years gets forwarded to committee for review. You'll have to quit your job in order to even think about doing another honest day's work ever again. Ever. Like Ever. </rant> Oops, I forgot my opening rant tag. (And apologies to Taylor Swift)
Thanks,
In Section
Seekers of Perl Wisdom
|
|