I have created a program that launches a separate child process that performs tasks on files. Some of these files are password protected, so in order for the child process to run on these files, it needs their passwords. My plan to accomplish this is to pass an XML config file containing all the file paths and passwords similar to this:
<Files> <File> <Path>C:\Users\hahaha\hehehe\file2</Path> <Password>123456abc</Password> </File> <File> <Path>C:\Users\blablaa\abc\file1</Path> <Password>123456abc</Password> </File> </Files> This information stays on the local machine and is never passed through a network. This XML config file is created within the parent process. The child process takes a string representing the path to this XML config file as an argument. The child process will then parse the XML file and then create a dictionary out of the files and passwords ( => file path, password). After the process completes the config file can be deleted.
My question is this: What is the best practice and method for storing the passwords in the config file? I assume that encrypting them would be sufficient. Or if there is an entirely different method that is better, what would that look like?
No comments:
Post a Comment