Perl Monk, Perl Meditation | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
What are some basic things I can do to make this script more secure?
Run perl with the -T switch to turn taint checking on. If need be, would it be wise to use this script on a business web site? I'm not sure I understand what you mean. If your business needs this, then yes, if it doesn't, then no. Lastly, is it a wise decision to have the actuall password name in the script or should I call it from a txt file (or something else)? First, you shouldn't store the plaintext password, store it crypt'd. As for where to store it, that depends on your system's setup, you'll preferably want to store it in a file which can be read by as few people as possible, that could be your CGI if you're using suEXEC or similar mechanism. In reply to Re: CGI Password
by Anonymous Monk
|
|