If you're actually using BCP you can pass it via STDIN; e.g.:
open BCP, "| bcp db..table in -U$user_name -S$server_name -f $file_name -n"; print BCP $password . "\n"; ... Inside Perl scripts I have a Perl function that returns the password For other users (e.g. binaries that require the password on the command line) I have a script that returns the password, depending on Unix file permissions to keep prying eyes out, e.g.: bcp db..table in -U$user_name -S$server_name -P$(getpass $server_name $user_name) -f $file_name -n So with ps, you can see the user name and server name, but not the password, unless you have access to the file where the passwords are stored. From: William Ward gmail [mailto:william.w...@gmail.com] Sent: Wednesday, February 16, 2011 4:12 AM To: shawn wilson Cc: dbi-users@perl.org Subject: Re: BCP for passing $password to a command-line Perl script? Unix file permissions are better than command line or environment variables at least (safe from ps snipping anyway) On Feb 16, 2011 12:48 AM, "shawn wilson" <ag4ve...@gmail.com> wrote: > On Feb 16, 2011 3:22 AM, "Bill Ward" <b...@wards.net> wrote: >> >> I generally put such things in a config file. > > I don't see how this would be more secure. > > Using sha1 (or something else in Crypt::) comes to mind as a better > solution. Plain text files can be made pretty secure with SELinux but most > won't. > > That said, I've got my db creds in a pm... >> >> On Tue, Feb 15, 2011 at 11:45 PM, Ivan Shmakov <i...@main.uusia.org> > wrote: >> >> > BTW, what is the best current practice to pass ->connect () >> > $password to a command-line Perl script? >> > >> > Both specifying it via a command-line argument or via an >> > environment variable (DBI_PASS) is insecure, as on some systems >> > this information could easily be seen by the other users on the >> > same host. >> > >> > Perhaps, some variation on Net::Netrc should be used instead? >> > >> > My primary interests currently are PostgreSQL, which can use >> > Kerberos, and SQLite, which uses filesystem access rights >> > instead, but just for the case... >> > >> > -- >> > FSF associate member #7257 >> > >> >> >> >> -- >> Check out my LEGO blog at http://www.brickpile.com/ >> View my photos at http://flickr.com/photos/billward/ >> Follow me at http://twitter.com/williamward ________________________________ No virus found in this message. Checked by AVG - www.avg.com Version: 10.0.1204 / Virus Database: 1435/3446 - Release Date: 02/15/11
