I will be developing a WEB application that allows users to create new
MySQL databases. I think there are two possible scenarios:
1. SU adds new users to mysql and the user can then create database.
2. SU creates new database giving user access to select, insert, delete.
I am concerned about hiding the SU user_id and password in the CGI scripts.
For example, a CGI script contains something like:
my $db = "buildings";
my $user = "cjones";
my $password = "spikeo";
my $hostname = "";
Christopher R. Jones, P.Eng.
14 Oneida Avenue
Toronto, Ontario M5J 2E3
Tel. 416 203-7465
Fax. 416 203-3044