[Discuss] Passwords in Source Code?? Or, How to secure interprocess communications?

[kentborg at borg.org (Kent Borg)]

Related to my previous database questions...

Normally I think of a program as trusting itself, having some integrity, 
maybe not even having gaping bugs or security holes. But what if I the 
program I am writing is talking to another, such as Postgres? Postgres 
has the ability to do passwords, so do I just put a password in my 
program source? Set Postgres to only accept local connections, and hope 
for the best? Seems wrong. Do I try to put both in a chroot or something?

My program already has to hope that its program files are secured by the 
hosting OS, but at least if it isn't opening up a network port it stays 
a rather contained problem.

(I want multiple programs talking to the database, so no, I can't just 
link in Sqlite.)

Seems a general problem of securing interprocess communications.

Thoughts?

Thanks,

-kb, the Kent who knows that people Google for passwords, search github 
for passwords, and get a lot of juicy results.