Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

Reaped: DSN Wrapper for Secure DBI Passwords

by NodeReaper (Curate)
on Apr 27, 2001 at 21:10 UTC ( [id://76172]=CUFP: print w/replies, xml ) Need Help??

This node was taken out by the NodeReaper on Dec 21, 2023 at 20:12 UTC
  • Comment on Reaped: DSN Wrapper for Secure DBI Passwords

Replies are listed 'Best First'.
Re: DSN Wrapper for Secure DBI Passwords
by DrZaius (Monk) on Apr 28, 2001 at 08:09 UTC
    This all seems very complex and not portable -- not everyone has proc.

    Why are you hiding your usernames/passwords anyway? The only time this may be required is when you are sharing a server with other people. If security is a concern you will probably be using a dedicated server anyway.

    If you have a lot of users, then file system permissions should be enough anyway -- only the uid your cgi scripts execute under should have read permissions to this file. Your password files should not be in the web root.

    Why not put these in the environment, then you can use %ENV to get at them. Then your passwords are stored only in your webserver config files. btw, this doesn't scale if you have more than one database.

    When it comes down to it, shouldn't you have your database server only configured to accept connections from your webserver anyhow?

    Just some thoughts.

[reply]

Back to Cool Uses for Perl

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: CUFP [id://76172]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (2)
As of 2024-04-19 20:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found