
Re^4: RFC: SecureString - Obfuscated / masked strings exept when you need them (revised synopsis & tied filehandles)

by duelafn (Parson)
on Jul 20, 2011 at 17:41 UTC


in reply to Re^3: RFC: SecureString - Obfuscated / masked strings exept when you need them (finding)
in thread RFC: SecureString - Obfuscated / masked strings exept when you need them

Revised the synopsis in the original post (well... now it is entering into tutorial territory)

I don't see how a tied filehandle with a default unhidden policy is going to be a good idea at all. Consider:

    open my $LOG, ">", "/var/log/my_app.log";
    tie $LOG, "Text::Hidden::Handle", force => "hidden";
    my $ccn = Text::Hidden->new( "1234567887654321", default => "unhidden" );
    print $LOG $ccn;             # OK
    print $LOG "Got CCN: $ccn";  # Oops! - premature stringification

Sure, interpolating a default unhidden string is always going to be "dangerous", but the fragility near a filehandle that pretends to force the values to hidden seems too far over the top. Unless I misunderstood your suggestions.

I have, however, added default unhidden and hide_from options as well as manual mask forcing. Additionally, I have added localized policy setting so that one need not globally choose default unhidden (see examples in OP). Do you think that the revised synopsis addresses your concerns / describes a potentially usable tool?

Good Day,
    Dean


Replies are listed 'Best First'.
Re^5: RFC: SecureString - Obfuscated / masked strings exept when you need them (interpolation)
by tye (Sage) on Jul 20, 2011 at 18:16 UTC

    That's part of why you should write your logs in JSON format! But, yes, excellent point.

    I wonder if overload.pm can cause "foo $bar" to return an overload'ed object since it should compile down to "foo " . $bar and you should be able to overload concatenation. If so, then it could return an object that stringifies to "foo XXXXX" somewhere inside of 'print'.

    Sorry, I can't take the time to test that at the moment.

    - tye        

      Hm. You know, it can in fact do that (overloading both '""' and '.' does what one would want). The new object would need to store the left and right concatenated objects (potentially creating deep trees), but that can also solve the problem where a string is constructed then used twice. Nice!

      Good Day,
          Dean

        potentially creating deep trees

        I think just a flat list of values, at least one of which is a Text::Hidden object, would be sufficient. :)

        - tye        
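
The approach the replies above converge on (overload both '.' and '""', and keep a flat list of parts), as an added example that is not code from this thread or from Text::Hidden. The `Masked` class and its `reveal` method are hypothetical names, and this sketch always masks on stringification rather than implementing the hidden/unhidden policies discussed.

```perl
use strict;
use warnings;

package Masked;    # hypothetical class, not the Text::Hidden API
use Scalar::Util qw(blessed);
use overload
    '.'  => \&_concat,                     # also used for "...$obj..." interpolation
    '""' => sub { $_[0]->_render(0) },     # any stringification yields the masked form
    fallback => 1;

sub new {
    my ($class, $secret) = @_;
    return bless { parts => [ [ 1, $secret ] ] }, $class;
}

# Flat list of [is_secret, text] pairs; plain strings become one non-secret part.
sub _parts {
    my ($x) = @_;
    return @{ $x->{parts} } if blessed($x) && $x->isa(__PACKAGE__);
    return [ 0, defined $x ? "$x" : "" ];
}

sub _concat {
    my ($self, $other, $swapped) = @_;
    my @parts = $swapped ? (_parts($other), _parts($self))
                         : (_parts($self),  _parts($other));
    return bless { parts => \@parts }, ref $self;
}

sub _render {
    my ($self, $show) = @_;
    return join "", map {
        my ($secret, $text) = @$_;
        ($secret && !$show) ? "X" x length($text) : $text;
    } @{ $self->{parts} };
}

sub reveal { $_[0]->_render(1) }    # explicit opt-in to the real value

package main;

my $ccn = Masked->new("1234567887654321");        # test number from the post above
open my $LOG, ">", \my $log or die "open: $!";    # in-memory stand-in for the log file
my $msg = "Got CCN: $ccn";          # calls '.', so $msg is still a Masked object
print $LOG "$msg\n";                # masked when print finally stringifies it
print $LOG "retry: ", $msg, "\n";   # same string reused, still masked
close $LOG;
print $log;
print "revealed: ", $msg->reveal, "\n";
```

Operations that force a plain string (join, sprintf, hash keys) go through '""' and collapse the object to its masked text, so after that the real value is only reachable from the original object.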
