Being a newbie I am not sure what I am doing is the best way BUT it works
for us. I create accounts with ONLY the access the accound needs. I have
no 'system wide' accounts. If the username/password is used for reporting
(as most of mine are) they get only the ability to read data not modify it.
If the user (script) needs to modify it, I have the user enter a password.
I use this as an audit trail.
My $0.02.
Vince
Dave Feinberg
<DFeinberg@ClubMo To: [EMAIL PROTECTED]
m-inc.com> cc:
Subject: security and dbi
12/11/01 02:26 PM
I have a security related question. How does one deal with
database
security such as connect usernames and passwords in plain text perl
scripts?
Obviously encoding them directly into the scripts is not optimal. This
also
makes it difficult to alter all these scripts if you need to change a
password. Considerations are to use perl bytecode, and then the passwords
are harder to get. Or possibly to store them encrypted and then read them
in, but of course then they can always be decrypted if some can access the
computer. Really i think ultimately the answer is you are relying on the
security of the physical machine. But atleast having them in one place
makes it easier if you change them. Just curious about what your thoughts
might be, what is the most effective solution you have found for the amoutn
of work it takes.
-Dave
