0

I want to subclass the DBI module to hide the connect subroutine with C code. For example, I have:

$dbh = DBI->connect($data_source, $username, $auth, \%attr);

I want to write some C code which calls the above DBI->connect subroutine and returns the $dbh handle in Perl.

Is that possible to do and if so, could someone provide an example or point to some sources?

ThisSuitIsBlackNot
  • 23,492
  • 9
  • 63
  • 110
smith
  • 3,232
  • 26
  • 55
  • 2
    There are easier ways to hide database credentials. For example, with MySQL you can store them in a non-world-readable file and use `DBI:mysql:;mysql_read_default_file=/path/to/file` as the DSN. Postgres has `.pgpass`. I'm sure other DBMS's have similar options. – ThisSuitIsBlackNot Mar 26 '14 at 20:46
  • Thanks I am familiar with that but I want to use some dcryption mechanism before using the DBI->connect – smith Mar 26 '14 at 20:59

1 Answers1

1

Why subclass? Just create a sub!

sub my_connect {
   # Get from config file or whatever
   my $user   = ...;
   my $passwd = ...;

   return DBI->connect($data_source, $username, $auth, \%attr);
}
ikegami
  • 367,544
  • 15
  • 269
  • 518
  • I want to read the user and the pass decrypt them on C code using dcryption mechanism and then pass them to DBI>connect or simulate it from the C code and return the dbi handler to perl code ,the perl code only see the returned $dbi connection – smith Mar 26 '14 at 21:17
  • 3
    You seem to forget that DBI::connect is a Perl sub. `my $old_connect = \&DBI::connect; *DBI::connect = sub { print(STDERR "Mwuahaha @_\n"); goto &$old_connect };` – ikegami Mar 26 '14 at 21:27
  • do you have an alternative tricky way to dcrypt password in perl without providing the reader of the code to know about the mechanism and use them inside the DBI ? – smith Mar 26 '14 at 21:35
  • Nothing in what I posted reveals the mechanismencryption scheme. – ikegami Mar 26 '14 at 21:40
  • but in that case every print $passwd Will reveal the passwd – smith Mar 26 '14 at 21:45
  • As I understand there are no a tricky solution to hide this from the person who have access to the code? – smith Mar 26 '14 at 21:46
  • If "this" is "DBI::connect's arguments", no. Same goes for any other sub that can be called from Perl. – ikegami Mar 26 '14 at 21:48
  • what your solution in this case do you recommend to store the password on protected file as encrypted and decrypt it on the code and use it ? – smith Mar 26 '14 at 21:55
  • 2
    You have not specified what risks you are trying to protect against and their likelyhood, so how can I possibly give an opinion on how to mitigate them? (Note that I'm not interested in doing any kind of risk analysis at the moment. We're now far off topic, and you've used more time that I had.) – ikegami Mar 26 '14 at 21:59