in reply to Re: Hide DBI password in scripts
in thread Hide DBI password in scripts

We can eliminate the DBIspy threat by copying in the text of the DBI::connect sub to the caller program:

sub DBI::connect { # code from original DBI::connect }

This of course would have to be updated manually if a new version of DBI was installed.
And, we can assume that the module is write-protected from all except root. (We can assume root is not compromised).
Also, instead of the inode we can use checksums.