> sir Daniel Berger [mailto:djberge / qwest.com] announced:
>
> > I'm happy to announce dbi-dbrc 0.2.0
> >
> > What is it?
> >
> > This is a supplement to the dbi module, allowing you to avoid
> > hard-coding passwords in your programs that make database
> > connections by using a special config file. It's also convenient. :)
>
> this is great.
> Is the password hashed in file?
>
> many thanks -botp

No, it's plain text, but see the four rules for the .dbrc file before your eyes pop out.

The .dbrc file must be 600 (or better). That means that only *you* and *root* should be able to read that file (in unix land, anyway). If someone can read that file, it means they already have your *nix password, and you're in big trouble anyway. If a cracker has gained root access, you're totally effed and a database login is probably the least of your worries.

An encrypted password would provide another layer of obfuscation, but no more actual security. If someone else can read your file, they already have access to your keys, too, so it would only be a matter of time. It would only be good for the times you've accidentally left the permissions on the file too open (which you will be warned about the next time you try to use the DBRC module).

That being said....plugins welcome. :)

Regards,

Dan
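
Added example, not part of the original message and not dbi-dbrc's own code: one way to enforce the "600 (or better)" rule discussed above before a plain-text credentials file is read. The helper names are hypothetical and the sample file contents are constructed.

```ruby
require "tempfile"

# Hypothetical helpers (assumptions for illustration, not the dbi-dbrc API).

# Inspect an already-open handle so the file that is checked is the file
# that is read. Returns a list of problems; an empty list means it passes.
def private_file_problems(io, expected_uid: Process.euid)
  st = io.stat
  problems = []
  problems << "not a regular file" unless st.file?
  problems << "owner uid #{st.uid} is not #{expected_uid}" unless st.uid == expected_uid
  # 0600 "or better": no group or other permission bit may be set.
  if (st.mode & 0o077) != 0
    problems << format("mode %04o grants group/other access", st.mode & 0o7777)
  end
  problems
end

# Refuse to return the contents unless every check passes.
def read_private_file(path)
  # NOFOLLOW rejects a symlink planted at the path; NONBLOCK avoids hanging
  # on a FIFO before the regular-file check can run.
  File.open(path, File::RDONLY | File::NOFOLLOW | File::NONBLOCK) do |io|
    problems = private_file_problems(io)
    raise SecurityError, "#{path}: #{problems.join('; ')}" unless problems.empty?
    io.read
  end
rescue Errno::ELOOP
  raise SecurityError, "#{path}: is a symbolic link"
end

if __FILE__ == $PROGRAM_NAME
  Tempfile.create("dbrc-demo") do |f|   # constructed sample file
    f.write("constructed-sample-entry\n")
    f.flush
    [0o600, 0o400, 0o640].each do |mode|
      File.chmod(mode, f.path)
      result = begin
        read_private_file(f.path)
        "accepted"
      rescue SecurityError => e
        "refused (#{e.message})"
      end
      puts format("%04o -> %s", mode, result)
    end
  end
end
```
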