Re: secure storage

If people can read your script they can also trivially read the rule file no matter how you encrypt it.

What are your goals? What security issues are you trying to deal with? It's easier to help if you tell about what you are trying to do instead of how you would like to do it. :-)

- ask

-- 
ask bjoern hansen, http://ask.netcetera.dk/   !try; do();

Comment on Re: secure storage

Replies are listed 'Best First'.
(ichimunki) Re: secure storage by ichimunki (Priest) on Nov 23, 2001 at 19:42 UTC
That's not true. If the file is encrypted using a password that must be given to the script by the user when the script is started up, then the password information is stored only in RAM, not in any place someone reading the script or the rules files can get to as easily. I'm sure it's possible to find it in the RAM, but I think a password approach manages the risk of a more casual reader getting at the file quite well. If the script is such that it must be started and stopped frequently (like a non mod_perl CGI), then this approach becomes less attractive.	[reply]
Re: Re: secure storage by wertert (Sexton) on Nov 23, 2001 at 16:58 UTC
This is true - anyone with basic perl knowledge can look at the script and workout how to pull out the original info. I am not after total security but only want to stop anyone cat'ing out the file. Other ideas I have had are using the perlapp ( active perl ) to produce a stand alone executable and embeding the rule file within the script or running the whole thing from a web server so the script in question is not directly accessable ( other than by web master ). Thanks for you reply.	[reply]
Re: Re: Re: secure storage by ask (Pilgrim) on Nov 23, 2001 at 17:05 UTC
You still didn't tell us what it really is that you are trying to do. ;-) If you just want a bit of obfuscation, maybe a simple tr/// before you save and after you read the file could do. - ask -- ask bjoern hansen, http://ask.netcetera.dk/ !try; do();	[reply]

In Section Seekers of Perl Wisdom