++, but still, what is to stop someone from doing this to the original script: (pseudo-code)...

    my $db_password = get_password("filename");
    print $db_password;   # someone could insert this...    

    my $dbh = DBI->connect(.....);
[download]

I don't think there is any way around this is there? Security through obscurity (while obviously bad for other reasons) falls down on this issue too.

$ perldoc perldoc