in reply to Data Security in Perl

Your webmaster is probably going to use htaccess with Basic Access in setting up accounts, making it trivial for anyone with a sniffer to get the password and shortly afterwards an account on the box. Worrying about file protection mechanisms after that is like closing the barn door after the horses have escaped.

But if you want to do this useless thing, then use the sudo utility (which needs to be configured) to allow the modification script to run as root. Then you can have the trappings of security, if none of the substance. (Figuring out how to set up https will go a long way towards fixing that.)

Replies are listed 'Best First'.
Re: Re: Data Security in Perl
by Anonymous Monk on Sep 04, 2002 at 11:45 UTC
    Your right. The main problem is making sure nobody can access the database and user data from their browser by just typing domain.com/databaes/data.dat and saving it. BUT at the same time allowing logged in users to edit it AND the webmaster to create new files, and delete from it. Thanks, Adam
[reply]

In Section Seekers of Perl Wisdom