Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Re: Secure ways to use DBI?

by zengargoyle (Deacon)
on Apr 17, 2003 at 03:21 UTC ( [id://251116]=note: print w/replies, xml ) Need Help??


in reply to Secure ways to use DBI?

use a better authentication method.

i'm using PostgreSQL with KerberosV5 authentication.

package KrbKey;
use base 'Class::DBI';
__PACKAGE__->set_db('Main',
  'dbi:Pg:dbname=krbkey;host=dbserver.sub.dom'  # no user/password
);
__PACKAGE__->table('krpass');
__PACKAGE__->columns(All => qw( passkey passval ));
1;


#!/usr/bin/perl
use strict;
use warnings;

use KrbKey;

sub lookup {
        my $key = shift;
        my $pw = KrbKey->retrieve($key);
        return $pw->passval;
}

if (@ARGV) {
        my @pw = map {lookup($_)} @ARGV;
        print join $/, @pw, '';
} else {
        print join $/, map({$_->id} KrbKey->retrieve_all), '';
}

[download]

without a valid principal...

$ getpw
Failure while doing '' with '_filter_retrieve_all in KrbKey'
Ima::DBI->connect(dbname=krbkey;host=dbserver.sub.dom) failed: Kerbero
+s 5 authentication failed at /opt/network/bin/getpw line 17
 at /opt/network/bin/getpw line 17

[download]

and with...

$ kinit
Password for me@SUB.DOM: 

$ getpw
cisco.console
cisco.enable
snmp.ro
snmp.rw

[download]

there's also the possibility of using SSL and Certificates for authentication (i think even MySQL can do SSL auth)

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://251116]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (4)
As of 2024-04-25 16:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found