All my web-CGI applications are set-up and configured in the browser. Use GDBM (or similar) for storage and put the database path outside of the web-path, then it's not accessible from the web - but is accessible to Perl and your application.

e.g.

Web-path: "/InetPub/wwwroot/website1/database/" <--- bad location

Secure-path: "/database/" <--- good

 

In theory, there is no difference between theory and practise.  But in practise, there is.
 
Jonathan M. Hollin
Digital-Word.com