compile a c program in a encrypted way


 
# 8  
Old 11-24-2010
I agree that "don't" isn't a helpful answer to "how do I do this", but it's probably a good one. Storing passwords is such a bad idea that most login systems have stern features to prevent you from using any.

As for alternatives -- it might help if you told us more about your problem. We don't even know if the database you're connecting to is on the same system, let alone what kind it is or what platform it runs on. There do exist secure, passwordless authentication systems like what ssh can use..
# 9  
Old 11-24-2010
Quote:
Originally Posted by arizah
I can see the disadvantage of having the password in plain text but haven't heard something really useful/meaningful for someone who has come across the same situation. It would be good to hear from someone who has been in a similar situation and how they got around it. Thanks.
You should revisit the design. Split out the processes so the end-user does not have direct access to the database update. From a high level, for example, put a file/message on a queue; then another protected/privileged process comes through and processes that message.
# 10  
Old 11-24-2010
Thanks for your replies. I'll be looking at implementing some sort of encryption mechanism. It'll be a bit tricky because basically the command that the script needs to execute is:

db2 connect to DBNAME user USERNAME using PASSWORD;

For some silly reason, with DB2 you have to make an explicit connection using the command above when connecting remotely. Usually we can get away with having customers schedule their jobs/scripts using Control-M, because it can execute any scripts taking over the access from another userid without having to supply user/password when those scripts are executed locally on the server. But in this case the scripts need to be executed remotely so..

But anyway I think I got some ideas that I should be testing soon. Thanks.
# 11  
Old 11-24-2010
Quote:
Originally Posted by arizah
Thanks for your replies. I'll be looking at implementing some sort of encryption mechanism.
We know. For all the reasons we already explained, that doesn't work... Even if you encrypt it inside the executable, the code to decrypt it is built right into the executable for the convenience of any hacker. It even runs itself for them, they couldn't have it any better. Rube Goldberg devices are not the way to go.

Can you "encrypt" the program's own arguments, anyway? The arguments themselves may be visible in /proc/ without security restriction.
Quote:
For some silly reason, with DB2 you have to make an explicit connection using the command above when connecting remotely.
So tunnel the connection in something that can be securely and passwordlessly authenticated, like ssh, so the DB connection can be made locally.
# 12  
Old 11-24-2010
Here is one explicitly defined way to do it.
1. create a file with 600 permissions just for the user, in a directory with 700 permissions.
We'll call the file .data

2. use crypt (comes with most unixes)
Code:
# From your command line:  get a password with mixed characters then
# also create another password - this is a problem as well - the key for the password file
echo 'password' > clear.file

crypt key< clear.file >  .data
rm clear.file

3. Now we have the key (another password to mess with)
Code:
# at the command line
key=keypassword
echo "$key" > .keepme
chmod 700 .keepme

4. In your C code
Code:
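#include <stdio.h>
#include <string.h>

/* the rest goes inside a function */
FILE *fp=fopen( "/path/to/.keepme", "r");
FILE *cmd=NULL;
char tmp[32]={0x0};
char *p=NULL;
char cmdstring[128]={0x0};
char myconnectstring[128]={0x0};

/* read the key from .keepme */
fgets(tmp, sizeof(tmp), fp);
fclose(fp);
p=strchr(tmp, '\n');
if(p!=NULL) 
   *p=0x0;  /* lose the newline */
/* decrypt .data; note the key is passed on crypt's command line */
sprintf( cmdstring, "crypt %s < .data | pr", tmp);
cmd=popen(cmdstring, "r");
fgets(tmp, sizeof(tmp), cmd);  /* tmp now holds the password */
pclose(cmd);
p=strchr(tmp, '\n');
if(p!=NULL) 
   *p=0x0;  /* lose the newline */
/* use the password to connect. */
sprintf( myconnectstring, 
      "db2 connect to DBNAME user USERNAME using %s;", tmp);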

This means that only root or the special user you have for the job can see the files. Be sure permissions are set correctly on your executable.

It is not hacker-proof by any means, but casual users will not be able to do much with it. Be sure your .keepme and .data files are set correctly permissions-wise. There is no error checking in the code, it needs some.
# 13  
Old 11-25-2010
Quote:
Originally Posted by jim mcnamara
It is not hacker-proof by any means, but casual users will not be able to do much with it. Be sure your .keepme and .data files are set correctly permissions-wise. There is no error checking in the code, it needs some.
Now, I know this code was not hacker-proof, but the popen() call just allowed anyone on the system to capture the password by running the ps command (at the right time, of course).

---------- Post updated at 22:22 ---------- Previous update was at 22:16 ----------

Quote:
Originally Posted by arizah
For some silly reason, with DB2 you have to make an explicit connection using the command above when connecting remotely. Usually we can get away with having customers schedule their jobs/scripts using Control-M, because it can execute any scripts taking over the access from another userid without having to supply user/password when those scripts are executed locally on the server. But in this case the scripts need to be executed remotely so..

But anyway I think I got some ideas that I should be testing soon. Thanks.
It's not really a silly reason to require credentials when connecting remotely. Do you really want the data to be accessible from anyone on your network? The reason the script works without a password when running on the database server is because the connection is over IPC and the user is already authenticated to the server. If you really don't want/need to authenticate users then set your authentication to CLIENT and then no password will be required. I highly recommend against doing that though.

If you're at DB2 9.5 or higher, have a look at TRUSTED CONTEXT. It can do things like this but provide greater controls than opening it up to the world.
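
Posts #11 and #13 note that anything placed on a command line can be read by other users through ps or /proc. The following is an added example, not code from any poster in this thread: it loads a secret only from a file with owner-only permissions and hands it to a child process over a pipe on stdin instead of in its arguments. The names `read_secret` and `run_with_secret_on_stdin` are hypothetical, and it assumes the child program reads the secret from its standard input; the thread does not say whether the db2 command can.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: read one line from `path` only if it is a regular
 * file owned by the effective user with no group/other permission bits
 * (checked with fstat() on the open descriptor). Returns length or -1. */
ssize_t read_secret(const char *path, char *buf, size_t buflen)
{
    struct stat st;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || (st.st_mode & (S_IRWXG | S_IRWXO))) {
        close(fd);
        return -1;
    }
    ssize_t n = read(fd, buf, buflen - 1);
    close(fd);
    if (n <= 0) return -1;
    buf[n] = '\0';
    buf[strcspn(buf, "\n")] = '\0';   /* lose the newline */
    return (ssize_t)strlen(buf);
}

/* Hypothetical helper: run argv[] with `secret` written to its stdin, so it
 * is never part of an argument list. Assumes the child reads its stdin
 * (otherwise the write can raise SIGPIPE). Returns exit status or -1. */
int run_with_secret_on_stdin(char *const argv[], const char *secret)
{
    int p[2], status;
    if (pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(p[0]); close(p[1]); return -1; }
    if (pid == 0) {                    /* child: pipe read end becomes stdin */
        dup2(p[0], STDIN_FILENO);
        close(p[0]); close(p[1]);
        execvp(argv[0], argv);
        _exit(127);                    /* exec failed */
    }
    close(p[0]);
    ssize_t w = write(p[1], secret, strlen(secret));
    close(p[1]);                       /* child sees EOF after the secret */
    if (waitpid(pid, &status, 0) < 0 || w < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```

The permission check only limits who can read the file; root and the owning account can still read the secret, as the posts above point out.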
# 14  
Old 12-02-2010
Hi Jim,

I like this approach and I was testing it but the crypt command doesn't seem to be available on AIX.