Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: Protecting passwords in source

by Codon (Friar)
on Jul 19, 2005 at 23:55 UTC ( [id://476301]=note: print w/replies, xml ) Need Help??


in reply to Protecting passwords in source

What do you mean by "anyone"? How secure do you want to be? What sort of environment are you work with? Do you not want to have the password written down anywhere or only accessible to a few people?

One way to handle something like this, depending on your environment, is to have a configuration layer that gets read by your script. The password exists in that file only. The file is not kept under source control. It doesn't migrate between environments.

Another thing that I have seen is you have a read-only user with passwords openly shared. The user can get execute priveledges on stored procedures (in the case of databases) that are owned by a priveledged user. The stored proc controls exactly what can be done. Non-priveledge users can only make changes via stored procs.

Ivan Heffner
Sr. Software Engineer, DAS Lead
WhitePages.com, Inc.

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://476301]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (8)
As of 2025-06-16 09:19 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found
    Notices?
    erzuuliAnonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.