×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Sometimes it doesn't show up with either the keyword (USRPRF or such) or
the profile.
Some years ago I wrote a simple automated procedure to FTP "stuff" on
one system to another one automatically. My profile and password were
hard-coded in the INPUT file.
Needless to say I didn't like my password being "out in the open" even
though I secured the PF-Src file with *Public *Exclude and allowed only
my boss and me to have access to it.
So I later re-wrote it to use a datafile where the profile and password
were scrambled (crude encryption) and a program read the file,
unscrambled it and built the FTP script. And the script was whacked
upon completion. There is no obvious trace of my profile and password
anywhere in the string today that one could find by scanning source or
database files. And the process runs flawlessly every night.
* Jerry C. Adams
*IBM System i Programmer/Analyst
B&W Wholesale Distributors, Inc.* *
voice
615.995.7024
fax
615.995.1201
email
jerry@xxxxxxxxxxxxxxx <
mailto:jerry@xxxxxxxxxxxxxxx>
rob@xxxxxxxxx wrote:
Scanning source could be a problem. A clever person would do something
like
usrprf = x'..' +x'...' +x'...';
and probably not name the variable USRPRF. And if it was a command string
not build it so that 'USRPRF' was scannable either.
It's probably not a bad idea to scan (helps to avoid that egg on your face
if they actually did leave it plain text and you didn't notice it but an
auditor did), but do not assume you're then in the clear.
Rob Berendt
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.