On Feb 16, 2011 3:22 AM, "Bill Ward" <b...@wards.net> wrote: > > I generally put such things in a config file.
I don't see how this would be more secure. Using sha1 (or something else in Crypt::) comes to mind as a better solution. Plain text files can be made pretty secure with SELinux but most won't. That said, I've got my db creds in a pm... > > On Tue, Feb 15, 2011 at 11:45 PM, Ivan Shmakov <i...@main.uusia.org> wrote: > > > BTW, what is the best current practice to pass ->connect () > > $password to a command-line Perl script? > > > > Both specifying it via a command-line argument or via an > > environment variable (DBI_PASS) is insecure, as on some systems > > this information could easily be seen by the other users on the > > same host. > > > > Perhaps, some variation on Net::Netrc should be used instead? > > > > My primary interests currently are PostgreSQL, which can use > > Kerberos, and SQLite, which uses filesystem access rights > > instead, but just for the caseā¦ > > > > -- > > FSF associate member #7257 > > > > > > -- > Check out my LEGO blog at http://www.brickpile.com/ > View my photos at http://flickr.com/photos/billward/ > Follow me at http://twitter.com/williamward
