PEPPLER.ORG
Michael Peppler
Sybase Consulting
Menu
Home
Sybase on Linux
Install Guide for Sybase on Linux
General Sybase Resources
General Perl Resources
Freeware
Sybperl
Sybase::Simple
DBD::Sybase
BCP Tool
Bug Tracker
Mailing List Archive
Downloads Directory
FAQs
Sybase on Linux FAQ
Sybperl FAQ
Personal
Michael Peppler's resume

sybperl-l Archive

Up    Prev    Next    

From: "Avis, Ed" <avised at kbcfp dot com>
Subject: sybperl patch: look after password more carefully
Date: Oct 20 2003 12:45PM

ed@membled.com wrote:

[DBD::Sybase]

>This patch improves things by making the current example PWD
>file be called PWD.factory, so that 'make clean' can remove the
>real PWD containing the user's password.  When prompting for a
>password it is not echoed.  PWD is created unreadable by others.
>If PWD exists it is read for defaults on later configuration
>(apart from password - that is never printed to the screen, so
>there is no default answer), otherwise PWD.factory is read.

Here's an equivalent patch for sybperl:

diff -wru sybperl-2.15/MANIFEST sybperl-2.15-new/MANIFEST
--- sybperl-2.15/MANIFEST	2002-04-23 22:33:51.000000000 +0100
+++ sybperl-2.15-new/MANIFEST	2003-10-20 13:38:18.000000000 +0100
@@ -30,7 +30,7 @@
 FAQ
 MANIFEST
 Makefile.PL
-PWD
+PWD.factory
 README
 README.linux
 README.thread
diff -wru sybperl-2.15/Makefile.PL sybperl-2.15-new/Makefile.PL
--- sybperl-2.15/Makefile.PL	2002-07-16 22:24:26.000000000 +0100
+++ sybperl-2.15-new/Makefile.PL	2003-10-20 13:39:47.000000000
+0100
@@ -8,6 +8,7 @@
 
 $sattr = &config;
 
+my $written_pwd_file = 'PWD';
 configPwd();
 
 $linktype = defined($$sattr{LINKTYPE}) ? $$sattr{LINKTYPE} : 'dynamic';
@@ -43,6 +44,7 @@
 
 WriteMakefile('DISTNAME' => "sybperl",
 	      'NAME' => Sybase, 
+           'clean' => { FILES => $written_pwd_file },
 	      'VERSION' => $$sattr{VERSION},
 	      'dist' => {'TARFLAGS' => "cvf", 'COMPRESS' => "gzip"},
 	      'LINKTYPE' => $linktype,
@@ -65,8 +67,15 @@
 }
 
 sub configPwd {
-    open(IN, "PWD") || die "Can't open PWD: $!";
     my %pwd;
+    my $pwd_file;
+    my @poss = ($written_pwd_file, 'PWD.factory');
+    foreach (@poss) {
+        $pwd_file = $_, last if -e;
+    }
+    die "could not find any of: @poss\n" if not defined $pwd_file;
+
+    open(IN, $pwd_file) || die "Can't open $pwd_file: $!";
     while() {
 	chomp;
 	next if(/^\s*\#/);
@@ -83,10 +92,27 @@
     $pwd{SRV} = getAns() || $pwd{SRV};
     print "User ID to log in to Sybase (default: $pwd{UID}): ";
     $pwd{UID} = getAns() || $pwd{UID};
-    print "Password (default: $pwd{PWD}): ";
-    $pwd{PWD} = getAns() || $pwd{PWD};
 
-    open(OUT, ">PWD") || die "Can't open PWD: $!";
+    print "Password: ";
+    if (-t) {
+        # Stop the password being echoed.
+        require Term::ReadKey;
+        Term::ReadKey::ReadMode('noecho');
+    }        
+    $pwd{PWD} = getAns();
+    if (-t) {
+        print "\n";
+        Term::ReadKey::ReadMode('restore');
+    }
+
+    warn "\n* Writing login information, including password, to file
$written_pwd_file.\n\n";
+    
+    # Create the file non-readable by anyone else.
+    my $old_umask = umask(077);
+    die "cannot umask(): $!" if not defined $old_umask;
+    open(OUT, ">$written_pwd_file") || die "Can't open
$written_pwd_file: $!";
+    umask($old_umask) != 077 && die "strange return from umask()";
+ 
     print OUT <