in reply to Ecrypting passwords
The password directory isn't readable by anyone except the running script.
Actually the script will likely be running as the webserver default user so anyone that hacks the server via a badly coded CGI will have access to that dir.
cheers
tachyon
s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
In Section
Seekers of Perl Wisdom