http://qs321.pair.com?node_id=251171


in reply to Secure ways to use DBI?

It's a matter of how much time and money you want to spend. If you want to stay on the cheap side, consider Kerberos, LDAP, SSL, default config files, etc. If you want top-notch security you can set up one-time passwords that are retrieved at web system start (activated by a keycard or retina scan) behind a DMZ. Seriously though, a database & web server running with least privileges (non-privileged users) and default database config files (.mycnf for mysql) will provide you with "good enough" security. If it's for a commercial venture, definitely stick the db box behind a DMZ and back up your database often.

Chris

Re: Re: Secure ways to use DBI?
by ScooterQ (Pilgrim) on Apr 17, 2003 at 15:13 UTC
    (wow - I really like that kerberos key thing!)
    Another thing to consider is setting reasonable permissions on the user the CGI uses for database connections. If you only need to perform selects, don't give that user the ability to create and drop databases, among other things. This won't necessarily protect you from compromising your password, but it will help mitigate the damage that can be done if someone gets in.
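
The least-privilege advice in the reply above can be checked mechanically. The following Perl script is an added example, not code from any poster in this thread: it audits MySQL `SHOW GRANTS` output for a CGI account and reports every privilege beyond a read-only allow-list. The account name `webcgi`, the database `shop` and the sample grant lines are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Privileges a read-only CGI account may hold (assumption: the app only SELECTs).
my %allowed = map { $_ => 1 } qw(SELECT USAGE);

# Return the privileges in one SHOW GRANTS line that exceed the allow-list.
sub excess_privileges {
    my ($grant) = @_;
    my ($privs) = $grant =~ /^GRANT\s+(.+?)\s+ON\s/i or return;
    $privs =~ s/\([^)]*\)//g;                 # drop column lists: SELECT (id, name)
    my @excess;
    for my $p (split /\s*,\s*/, $privs) {
        $p =~ s/^\s+|\s+$//g;
        $p = uc $p;                           # e.g. "ALL PRIVILEGES", "DROP"
        push @excess, $p unless $allowed{$p};
    }
    # The right to hand privileges on to other accounts is never needed by a CGI.
    push @excess, 'GRANT OPTION' if $grant =~ /WITH\s+GRANT\s+OPTION/i;
    return @excess;
}

# Constructed sample input. On a live system, feed in the rows returned by
# "SHOW GRANTS FOR CURRENT_USER()" fetched through the CGI's own DBI handle.
my @sample = (
    q{GRANT USAGE ON *.* TO 'webcgi'@'localhost'},
    q{GRANT SELECT ON `shop`.* TO 'webcgi'@'localhost'},
    q{GRANT SELECT (id, name), INSERT, DROP ON `shop`.`orders` TO 'webcgi'@'localhost' WITH GRANT OPTION},
);

my $findings = 0;
for my $line (@sample) {
    my @excess = excess_privileges($line);
    next unless @excess;
    $findings++;
    print "EXCESS [", join(', ', @excess), "] in: $line\n";
}
print "Grants are within the read-only allow-list\n" unless $findings;

# Non-zero exit lets a deploy script refuse to ship an over-privileged account.
exit($findings ? 1 : 0);
```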