Re: Crypt::RSA
- From: "Peter J. Holzer" <hjp-usenet2@xxxxxx>
- Date: Sun, 11 Mar 2007 14:21:24 +0100
On 2007-03-10 23:43, rjvennes@xxxxxxxxxxx <rjvennes@xxxxxxxxxxx> wrote:
I'm creating a CGI application where customers enter information in a^^^^^^^^^^^^^^^^^
Here's the problem. I don't want the private key to live anywhere on
the server, but only on local machines. The idea is to have the
private key uploaded into memory and used to decrypt the data so it
can be viewed over a secure web page.
If you are really writing a CGI application (as opposed to, e.g., a
mod_perl or FastCGI application) that can't work. Every invokation of a
CGI script is a separate process, so you can't keep any information "in
memory" between them, you have to use some kind of storage which is
accessible to multiple processes. You could use shared memory or a RAM
disk, but for a server which typically runs many months between reboots
that's about the same as a hard disk from a security point of view.
hp
--
_ | Peter J. Holzer | Blaming Perl for the inability of programmers
|_|_) | Sysadmin WSR | to write clearly is like blaming English for
| | | hjp@xxxxxx | the circumlocutions of bureaucrats.
__/ | http://www.hjp.at/ | -- Charlton Wilbur in clpm
.
- Follow-Ups:
- Re: Crypt::RSA
- From: rjvennes
- Re: Crypt::RSA
- References:
- Crypt::RSA
- From: rjvennes
- Crypt::RSA
- Prev by Date: Re: Crypt::RSA
- Next by Date: tie and tie with IO::Multiplex and Device:SerialPort?
- Previous by thread: Re: Crypt::RSA
- Next by thread: Re: Crypt::RSA
- Index(es):
Relevant Pages
|
|
