Come for the quick hacks, stay for the epiphanies. | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Well... there isn't any secure way to keep your secrets private. You should also be aware that even if you somehow keep your secret away from your possibly-tinkering co-workers that the rest of the script is still open to modifications. In fact, while you could do all sorts of crazy things to obfuscate your secret (since it's impossible to hide) your tinkerer's could just modify the script to print the decoded secret just before it goes into DBI. I think you have two problems - keeping your login secrets and keeping your code from being altered. You've only brought up the one so try to spend some time thinking on the second as well. I don't know what options you have in DOS for this but if you were on a Win32 I'd suggest you check out ActiveState's compiler and use a plain executable. All I can think of is that you can use a source filter to encrypt or obfuscate your perl script and keep it from prying eyes. It's not perfect but it's about the only thing you can do. I suggest you read the perlfilter man page and then consider using something decent from CPAN like one of the Filter modules. The unfortunate part here is that now you've only abstracted your problem away one level. Instead of having readable source code including a secret you have encrypted source code and a very visible secret. The difference is that it's going to more difficult for someone who isn't already a perl hacker to do something useful with that. It all comes down to how much effort you want to put into the problem and how much skill and effort your tinkerer's will be able to use. No code example? Right. This is non-trivial and you'll have to find your own balancing point. If you just need something really trivial then why not just hex (ex: "password" eq "\160\141\163\163\167\157\162\162")encode the password or something. It's entirely obvious to any competent programmer what's going on but might appear magical to someone who isn't. In reply to Re: Hiding DBI MySQL username and password values from win98 users
by diotalevi
|
|