more perl login
Blake Barnett
plug-discuss@lists.plug.phoenix.az.us
11 Feb 2002 15:35:41 -0700
You can basically mimick the /etc/passwd file. Storing MD5 hashes or
salted hashes (recommended). And be extremely careful of your
permissions... not sure exactly how SECURE you're talking here. If you
are concerned about other users being able to view the contents of
memory and seeing a hash or determining the password then I'm not sure
where to point you w/regards to PHP and Perl.
You could always write a little SECURE C app that just reads your file,
and returns success or failure when given a user and a hash...
Hope this helps..
On Mon, 2002-02-11 at 15:13, Roderick wrote:
> Has anyone used text files via perl or php as "database" storage,
> SECURELY??
>
> Besides not being able to use the mysql databases on the isp's server
> for product information, I can't use it of course for password files.
> So I'm trying to figure out ways to SECURELY warehouse information for
> lookup and update.
>
> -- ROD
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--
Blake Barnett (bdb) <blake.barnett@developonline.com>
Sr. Unix Administrator
DevelopOnline.com office: 480-377-6816
Learning is a skill, you get better at it with practice.