JoeJaz has asked for the wisdom of the Perl Monks concerning the following question:
Hi,
I am using Perl and CGI on a public server to access a MySQL database. I have my password and username for the MySQL database included at the top of each of my Perl scripts. The password file simply initializes two variables to my username and password. The include statements in my Perl scripts point to a file called something like security.pl in ~/ . However, I just discovered that, since Apache needs to have read access to that file, the file is forced to take read permissions for the apache user. Some other user on the system, if they know the name of my file, can create a Perl script which also includes my security.pl file and reads out the contents of the username and password variables. Obviously, this is not acceptable. Since MySQL / CGI websites are very common on the internet, there must be a way to secure this security.pl file. I am wondering how most people store their MySQL usernames and passwords. Thank you for taking the time to read this. Have a nice day,
Joe