如何在 C 中打开 DB 句柄并使用 SWIG 将其传递给 Perl?
请帮助我编写 SWIG 交互。
我想在C程序中打开一个数据库连接句柄。该句柄必须传递给 Perl,我将在其中使用 Perl DB 接口与数据库进行交互。出于安全目的,我们想使用这种机制。我想使用 SWIG 接口传递数据库句柄。
补充:
我们正在使用 Perl 基础设施来满足我们的业务需求。有太多的用户帐户、数据库服务器分布在整个公司中。我们希望企业密码得到保护,并且只允许特权成员使用。之前我们已将所有密码放入一个文本文件中并从中读取。如果我们保留在其他地方,那么他们将能够调试 Perl 模块并找到它们。如果我们在 C 中创建一个句柄并给出相同的句柄而不是返回密码,那会更有帮助。
Please help me in writing SWIG interace.
I want to open a database connection handle in C program. This handle must be passed to Perl, where I will use the Perl DB interface for interacting with the database. For security purpose we wanted to use this mechanism. I want to pass the database handle using SWIG interface.
Added:
We are using Perl infrastructure for our businees needs. There are too many user accounts, database servers, that are spread across the firm. We wanted business passwords to be secured and wanted to allow only the privileged members. Earlier we have placed all the passwords in a text file and read from that. If we keep anywhere else, then they will be able to debug the Perl modules and find them. If we create a handle in C and give the same instead of returning password, that will be more helpful.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
Perl DBI(数据库接口)没有规定将已经打开的数据库句柄传递给驱动程序 - 该接口假设(DBI 加上相关的数据库驱动程序或 DBD::XyzDBMS 模块)将建立连接。因此,最好的情况是,您将编写代码来扩展 DBI 以实现此目的,并扩展相关的 DBD 来支持它,这是一项非常重要的练习。
那么,为什么您认为这是一个好主意 - 以这种方式做事而不是仅仅让 DBI 处理连接有什么安全好处呢?
从很多角度来看,将密码嵌入到应用程序中都是错误的方法,很难知道从哪里开始:
“通过默默无闻的安全”根本不安全!
但这就是您建议使用的。
请向那些了解如何编写安全软件的人寻求一些建议。或者阅读一些有关该主题的优秀书籍。
The Perl DBI (DataBase Interface) does not make provision for passing an already-open database handle to the driver - the interface assumes that (DBI plus the relevant DataBase Driver or DBD::XyzDBMS module) will establish the connection. Therefore, at best, you are going to be writing the code to extend DBI to allow for this, and also extending the relevant DBD to support it, which is an altogether non-trivial exercise.
So, why do you think this is a good idea - what is the security benefit of doing things this way rather than just letting DBI handle the connection too?
Embedding the passwords in the application is the wrong way to go from so many points of view it is hard to know where to begin:
'Security through obscurity' is not secure at all!
But that is what you are proposing to use.
Please get yourself some advice on how to write secure software from those who know. Or read some of the many excellent books on the subject.
查看 Inline::C 作为替代方案(或温和的包装)斯威格。与尝试学习如何使用 SWIG 相比,您从 Perl 开始使用 C 会快得多。
Check out Inline::C as an alternative to (or a gentle wrapper around) SWIG. You will get going using C from Perl much faster than trying to learn how to use SWIG.
我们正在使用 Perl 基础设施来满足我们的业务需求。有太多的用户帐户、数据库服务器分布在整个公司中。我们希望企业密码得到保护,并且只允许特权成员使用。之前我们已将所有密码放入一个文本文件中并从中读取。
如果我们保留在其他地方,那么他们将能够调试 perl 模块并找到它们。
如果我们在 C 中创建一个句柄并给出相同的句柄而不是返回密码,那会更有帮助。
We are using Perl infrastructure for our businees needs. There are too many user accounts, database servers, that are spread across the firm. We wanted business passwords to be secured and wanted to allow only the privileged members. Earlier we have placed all the passwords in a text file and read from that.
If we keep anywhere else, then they will be able to debug the perl modules and find them.
If we create a handle in C and give the same instead of returning password, that will be more helpful.