On Friday 03 Apr 2009, Chirag R wrote:
Following reasons :
1. My App looks bad since it requires to store password in clear-text
in a file. This is more of client requirement; they do not want any
password to be stored in clear-text. Take example of Oracle DB, it
provides you facility of Oracle Wallet, using which you can store
password and access it via a tnsname.
2. Accidentally doing a cat even by root will make the password
3. If you send across the system info to support to
troubleshoot my App, this file maybe included. Customer passwords
will be exposed to support guys. (I know customer can remove the
password line and send across the file, but again its about
I know root can access almost any file and cause damage/modify, but
that is something I am not worried about. The idea is to not keep it
ridiculously easy for someone to crack.
Since root has access to the whole system, all you can do is move the
plain text from the file to the application. For instance, you could
keep the password encrypted in the config file and let your application
read that and provide a key to decrypt the password and send it to
MySQL. However, that is essentially just shifting the encryption from
one point to another on the system.
If you're a believer in security by obscurity (which I'm not), this
method will work for you. On the other hand, anyone who can access
your application (e.g. root) can extract the algorithm and key from it
and decrypt the password herself if she so desires.
Raj Mathur raju(a)kandalaya.org http://kandalaya.org/
GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F
PsyTrance & Chill: http://schizoid.in/
|| It is the mind that moves