Home > Archive > PERL Miscellaneous > June 2004 > win32 - access shared folder
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
win32 - access shared folder
|
|
| Sebastian Scholz 2004-06-29, 3:57 am |
| Hi
I like to do a simple copy to a shared folder, which is basically no problem
until the user is not connected to the maschine and has to enter a username
and password.
copy("c:/test.htm","//192.168.1.192/wwwroot/test.htm");
The shared folder needs a login with login information that the user is not
suppose to have, so the login data has to be hard coded. What do I have to
do that the script does an automatic login ?
Thanks,
Sebastian
| |
| MrReallyVeryNice 2004-06-30, 9:05 am |
| First of all, let me offer you a little _untested_ sample script that will
hopefully help you:
--- Beginning ---
use strict;
use warnings;
my $IP=192.168.1.192; # define $IP to match your environment
my $ShareName='wwwroot'; # define $ShareName to match your environment
my $UserName='Administrator'; # define $UserName to match your environment
my $Password='SensitivePassword'; # define $UserName to match your
environment
# the following net use should connect to the share using the credentials
# defined for $UserName and $Password.
system ("net use \\\\$IP\\$ShareName /u:$IP\\$UserName $Password");
#you should now have access to the share and should be able to copy your
file over
system ("copy client.pl \\\\$IP\\$ShareName\\*.*");
--- End -----
Not being a native english speaker, I must admit that I'm slightly shooting
dark because the following statment is ambiguous (to me):
"The shared folder needs a login with login information that the user is not
suppose to have, so the login data has to be hard coded. What do I have to
do that the script does an automatic login ?"
Let me try to address what I believe to be your concern. As you requested,
if you hard code the login data (username/password) in the script, it is
really not secure. It is pretty much equivalent to handing over the
information to the end user running the script. Of course you might be in an
environment where users are not computer literate but it is only a matter of
time before one user reads your source code and figure out the
username/password.
You will find many threads concerning 'hidding' your source code. Run the
command 'perldoc -q hide' on your system or google. The bottom line is that
there is no way to hide the information once the script is running on the
user machine. You can try to create an executable or to offuscate the info,
however, another person with a bit of motivation and knowledge will
eventually reverse engineer your code. My purpose is not to scare you but
to make you aware. Writing a script containing a sensitive username and
password is just not secure.
To 'minimize' the risk, you might want to create a generic user that is
limited to writing to the share that you want the user to access. Don't use
any sensitive user belonging to your administrators group. :-) Also, you
have to realize that upon exit of the sample script provided above, the
connection to the share will still be there. You should consider removing
the connection to the share:
system ("net use \\\\$IP\\$ShareName /d"); # untested code
Don't hesitate to ask further questions or to report problems/success.
MrReallyVeryNice
|
|
|
|
|