Date: Sat, 17 Jun 2000 20:26:22 -0700 From: "Crist J. Clark" <cristjc@earthlink.net> To: Ryan Thompson <ryan@sasknow.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Securing Perl::DBI connections Message-ID: <20000617202621.A270@dialin-client.earthlink.net> In-Reply-To: <Pine.BSF.4.21.0006171642190.70265-100000@ren.sasknow.com>; from ryan@sasknow.com on Sat, Jun 17, 2000 at 04:54:26PM -0600 References: <20000617152830.B220@dialin-client.earthlink.net> <Pine.BSF.4.21.0006171642190.70265-100000@ren.sasknow.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 17, 2000 at 04:54:26PM -0600, Ryan Thompson wrote: [snip] > I can generate an encrypted version of the password using any of several > methods. The problem, though, exists with the storage of said passwords. > Even if encrypted, the password must be decrypted (presumably by the > calling program) before a DBI connection can be made to the server. So, > anyone with an iota of knowledge about encryption and Perl could easily > obtain the password. Anyone with less than an iota of knowledge could at > least copy the block of code in question and modify it to make their own > queries. Maybe I'm missing the obvious here. If I AM, I would be happy > to learn ;-) I misunderstood what you were trying to do. I was suggesting a solution for something very different. Sorry for the distraction. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000617202621.A270>