Perl Monk, Perl Meditation | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
I'm sure this is a solved problem, but I can't think what the solution is. Maybe it is, but I'm not aware of a reusable implementation of that solution... Can the script request a password from another place without a coder who is editing the script being able to view the password? In the near future I will have to implement something like that, my ideas so far:
That way it is the password server's duty to make sure it deals out credentials only to authorized clients. Every change to the client script, i.e. its checksum must be propagated to the server. While it is not impossible for a third party to get the password on the client's machine (which is always compromised in the view of the password server), it is much more difficult than reading a configuration file or the scripts source code. Security stands and falls with the ability of the granting part to verify the integrity of the requesting part, which might be impossible. But any attempt is better than nothing. There's no limit to "paranoia" ;-)
perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'
In reply to Re: How can a script use a password without making the password visible?
by shmem
|
|