in reply to Re: Hide DBI password in scripts
in thread Hide DBI password in scripts
We can eliminate the DBIspy threat by copying in the text of the DBI::connect sub to the caller program:
sub DBI::connect { # code from original DBI::connect }
This of course would have to be updated manually if a new version of DBI was installed.
And, we can assume that the DBI.pm module is write-protected from all except root.
(We can assume root is not compromised).
Also, instead of the inode we can use checksums.
In Section
Seekers of Perl Wisdom