>>Yes, that's our plan, too. But the risk still remains that someone
>>will get a look at the script. I think there is a golden rule: Never put
>>clear text passwords in files. Those files are stored in archives by backup,
>>for example. There may be a lot of people (sysadmin, developer, ...)
>>concerned with the webserver. So it's not easy to secure it.
>A thought, although I've never been so secure myself and I'm not sure how
>secure this would be - but it's one of those silly convoluted ideas you
>have to tell someone. Since you're using mod_perl and apache_dbi, this is
>just a thought. Use the Crypt::Blowfish_PP to generate an encrypted
>password and place it as a variable in a package somewhere. During server
>startup take a password from the command line, some sort of:
>
><Perl>
>Paranoid::CryptDBIPassword::promptForPassword();
></Perl>
>
>getliner.
>
>Take the value as my $key and:
>
>	my $bfish = Crypt::Blowfish_PP->new($key);
>
>	$Apache::PARANOID::dbiPassword
>	= $bfish->decrypt($encryptedPassword);
>
>
>
>then whenever you want your password you access
>$Apache::PARANOID::dbiPassword.
>
>
>Hmm. I think that the guy who wrote Blowfish_PP would cut my danglies off
>for that one.
>
>R.
This is an interesting idea.
Many thanks to you, Rafiq!
- Wolfgang
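
Added example, not part of the thread and not code from either poster or from the Crypt::Blowfish_PP author: one way the startup-prompt idea quoted above could be written out as the `Paranoid::CryptDBIPassword` package. The hex storage format, the PKCS#5-style padding, the `encryptPassword`/`decryptPassword` helpers and the use of Term::ReadKey are assumptions of this sketch; the stored value is a placeholder.

```perl
package Paranoid::CryptDBIPassword;   # package name taken from the post
use strict;
use warnings;
use Crypt::Blowfish_PP;
use Term::ReadKey;                    # ReadMode/ReadLine for a no-echo prompt

# Placeholder: hex output of encryptPassword(), generated offline.
my $encryptedHex = 'REPLACE_WITH_OUTPUT_OF_encryptPassword';

# Blowfish_PP handles one 8-byte block per call, so pad (PKCS#5 style, an
# assumption of this example) and process block by block (i.e. ECB).
sub encryptPassword {
    my ($key, $plain) = @_;
    my $bfish = Crypt::Blowfish_PP->new($key);
    my $pad   = 8 - length($plain) % 8;
    $plain   .= chr($pad) x $pad;
    return unpack 'H*', join '', map { $bfish->encrypt($_) } unpack '(a8)*', $plain;
}

sub decryptPassword {
    my ($key, $hex) = @_;
    die "stored value is not whole 8-byte blocks\n"
        unless $hex =~ /\A(?:[0-9a-f]{16})+\z/i;
    my $bfish = Crypt::Blowfish_PP->new($key);
    my $plain = join '', map { $bfish->decrypt($_) } unpack '(a8)*', pack 'H*', $hex;
    my $pad   = ord substr $plain, -1;
    # A wrong key yields garbage: refuse to start rather than hand DBI junk.
    die "wrong key or corrupt value\n"
        unless $pad >= 1 && $pad <= 8
            && substr($plain, -$pad) eq chr($pad) x $pad;
    return substr $plain, 0, length($plain) - $pad;
}

sub promptForPassword {
    return if defined $Apache::PARANOID::dbiPassword;   # prompt only once
    print STDERR 'DBI key: ';
    ReadMode('noecho');                # keep the key off the screen
    my $key = ReadLine(0);
    ReadMode('restore');
    print STDERR "\n";
    chomp($key) if defined $key;
    die "no key entered\n" unless defined $key && length $key;
    $Apache::PARANOID::dbiPassword = decryptPassword($key, $encryptedHex);
}

1;
```

The decrypted password still sits in clear text in the memory of the server process and its children, and any unattended restart will block at the prompt. Block-by-block encryption reveals repeated 8-byte blocks, so this layout only suits a single short secret.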