in reply to Re^3: Hide DBI password in scripts
in thread Hide DBI password in scripts

update: this is an addendum to your node rather than a reply.

Heck, I could even break checksum tests from within perl, with a perl loader script that has the following behaviour:

These shenanigans can be countered, say, by using a monitored file system which reports writes and intercepts before you can exec the modified script. Next round.

But then, having access, you could just take home a snapshot of all blocks pertaining to the suite, extract the password and come back later to do whatever you want to.

Bottom line: if you have an automated process using credentials contained within, no matter how sophisticated the storage mechanisms are, all you can do is prevent interactive read/write/execute access to any parts of that automatic unit, which at the end of reasoning amounts to turning it into an inaccessible black box. But given that condition, there's no reason for not having plaintext credentials in it.

So, I'd say that the OP is most likely about an XY Problem.

See also.

perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'