[Melbourne-pm] Obfuscating passwords in configurations
David Dick
ddick at iinet.net.au
Wed Dec 1 03:58:57 PST 2010
On 01/12/10 21:29, Leigh Sharpe wrote:
> Hi All,
> I'm using Config::Simple to retrieve configuration options from an
> external file. One of the configuration options is a password, but I'm
> really not keen on having a password in plain-text in a config file.
> Just setting the config file to be non-world-readable isn't really
> adequate. Can anybody suggest a way of obfuscating the password in the
> config file, and being able to retrieve it in my program?
I think it has to come down to the question of what you are trying to
defend against. If you are trying to protect the password against a
determined attacker with a local account on the machine, I cannot think
of a way. Obfuscation ain't much of a hope against a determined attack.
If you are trying to help a sys-admin not know the passwords just b/c
they _have_ to look at the config file, would padding and base64
encoding be acceptable? From the above, it sounds like you are trying
to protect against a user that already has an account on the machine in
question, which would have to raise the possibility of the attacker
obtaining root access via a privilege escalation attack and owning the
box anyway.
The only other way that I could think of is encrypting the password with
a variable (like the account password) that only the allowed user knows.
That way, the complete secret is not stored on the filesystem.
However, even then, with a hostile local (probably soon to be root)
user, I don't think you could be confident that your secret will stay
secret for long.
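The two options David describes, padding plus base64 for the "don't make the sys-admin see it" case and encryption under a secret the user supplies at run time for the "don't store the whole secret on disk" case, side by side. This is an added example, not code from the thread; it is in Python rather than Perl so it runs with nothing but the standard library, and the config line, field names and passwords are constructed. The cipher is an HMAC-SHA256 keystream with an HMAC tag, written out only so the example is self-contained; a real deployment would use a vetted library (AES-GCM or similar) with the same key-derivation idea.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample of the kind of key=value file Config::Simple reads.
SAMPLE_CONFIG = "db_user=app\ndb_password=s3cret-Pa55\n"

PAD_LEN = 8          # random bytes prepended before base64 encoding
SALT_LEN = 16        # PBKDF2 salt stored with the ciphertext
NONCE_LEN = 16       # per-encryption nonce stored with the ciphertext
TAG_LEN = 32         # HMAC-SHA256 tag length
PBKDF2_ITERS = 100_000


def parse_config(text: str) -> dict:
    """Minimal key=value parser standing in for Config::Simple."""
    pairs = (line.split("=", 1) for line in text.splitlines() if "=" in line)
    return {k.strip(): v.strip() for k, v in pairs}


# --- Option 1: padding + base64. Hides the value from a glance, nothing more.

def obfuscate(secret: str) -> str:
    """Random padding makes identical passwords encode differently,
    but no key is involved: anyone who can read the file can reverse it."""
    return base64.b64encode(os.urandom(PAD_LEN) + secret.encode()).decode()


def deobfuscate(blob: str) -> str:
    """Exactly what a reader of the config file can do with no secret at all."""
    return base64.b64decode(blob)[PAD_LEN:].decode()


# --- Option 2: encrypt under a key derived from something only the user knows,
#     so the config file alone does not contain the complete secret.

def derive_keys(passphrase: str, salt: bytes) -> tuple:
    """PBKDF2 stretches the user's passphrase into an encryption key and a MAC key."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, PBKDF2_ITERS, dklen=64)
    return km[:32], km[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a pseudorandom keystream (illustrative only)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(secret: str, passphrase: str) -> str:
    """Encrypt-then-MAC; output is base64(salt || nonce || ciphertext || tag)."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    enc_key, mac_key = derive_keys(passphrase, salt)
    pt = secret.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return base64.b64encode(salt + nonce + ct + tag).decode()


def open_sealed(blob: str, passphrase: str) -> str:
    """Verify the tag before decrypting; a wrong passphrase or a tampered
    value fails closed with ValueError instead of yielding garbage."""
    data = base64.b64decode(blob)
    if len(data) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("sealed value too short")
    salt = data[:SALT_LEN]
    nonce = data[SALT_LEN:SALT_LEN + NONCE_LEN]
    ct, tag = data[SALT_LEN + NONCE_LEN:-TAG_LEN], data[-TAG_LEN:]
    enc_key, mac_key = derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or tampered value")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct)))).decode()


def can_open(blob: str, passphrase: str) -> bool:
    """True only if the passphrase authenticates the stored value."""
    try:
        open_sealed(blob, passphrase)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    pw = parse_config(SAMPLE_CONFIG)["db_password"]
    ob = obfuscate(pw)
    print("obfuscated:", ob, "-> recovered with no key:", deobfuscate(ob))
    sealed = seal(pw, "users-account-password")
    print("sealed:", sealed)
    print("opens with right passphrase:", can_open(sealed, "users-account-password"))
    print("opens with wrong passphrase:", can_open(sealed, "guess"))
```

The point the two halves make together: `deobfuscate` needs nothing that is not already in the file, so option 1 only defends against casual reading, whereas `open_sealed` needs the passphrase, which is the part of the secret that never touches the filesystem. It does nothing against a hostile user who can read the running process's memory or prompt the legitimate user, which is the caveat the post ends on.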