Here’s a link to a great discussion I started on Stack Exchange’s security site:
How can I avoid putting the database password in a perl script?
Here is the question I asked.
I have a cronned Perl script that connects to our database and does various kinds of lookups and integrity checks. The original script was written by someone long ago. My job is to make some changes to it. But I really don’t like staring at the username="foo", password="bar" parameters hardcoded in there for accessing the database.
There’s got to be a more secure way of doing this. All I could think of to do for now is to comment out the cron job, delete the line in the script that had the password, and start brainstorming about how to make this more secure. But meanwhile the things the script does have to be done by hand.
Any ideas?
PS: No, “foo” and “bar” are not our actual database credentials.
Click here to read all the answers and comments.