If you have apache and mod_perl, you can initialize the DBI in the apache.conf file (which will probably be root.root), as described here. This should be more secure than having it in the cgi files, as now a would-be cracker would have to get root access to get the password, as opposed to possibly coying your web server to give the source to the cgi .pl files.

Also, some db, (mysql included) use a user's config file that can store the username and password to connect to. A bit more secure particularly if you make sure that the http server's user's home directory is outside the location of the pages to be served.