Best practices for holding passwords in shell / Perl scripts I've as of late needed to clean off my Perl and shell content aptitudes to assist a few partners. The associates being referred to have been entrusted with giving a few reports from an inner application with an extensive Oracle database backend, and they just don't have the right stuff. While some may address whether I have those aptitudes either (smile), evidently enough individuals figure I do to mean I can't weasel out of it.
So to my inquiry - to extricate the reports from the database, my content is clearly connecting and run questions. I haven't up to this point figured out how to think of a decent answer for where to store the username and secret key for the database
CyberArk so it is right now being put away as plaintext in the content.
Is there a decent answer for this that another person has effectively composed, maybe as a CPAN module? Or on the other hand is there something different that is smarter to do - like keep the client/watchword combo in a totally isolate document that is shrouded elsewhere on the filesystem? Or on the other hand would it be advisable for me to keep them inconsequentially scrambled to simply dodge them being hauled out of my contents with a framework wide grep?
Alter: The Oracle database sits on a HP-UX server.
The Application server (running the shell contents) is Solaris.
Setting the contents to be possessed by just me is a no-go, they must be claimed by an administration account that different help work force approach.
The contents are expected to be keep running as cron occupations.
I'd love to run with open key validation, however am uninformed of strategies to make that work with Oracle - if there is such a strategy - illuminate me!