List:General Discussion« Previous MessageNext Message »
From:Christopher R. Jones Date:October 1 1999 3:14pm
Subject:Security in Perl/CGI
View as plain text  
I will be developing a WEB application that allows users to create new
MySQL databases.  I think there are two possible scenarios:
1.  SU adds new users to mysql and the user can then create database.
2.  SU creates new database giving user access to select, insert, delete.

I am concerned about hiding the SU user_id and password in the CGI scripts.  
For example, a CGI script contains something like:
my $db = "buildings";
my $user = "cjones";
my $password = "spikeo";
my $hostname = "";

Any ideas?

Thanks.



Christopher R. Jones, P.Eng.
14 Oneida Avenue
Toronto, Ontario M5J 2E3
Tel. 416 203-7465
Fax. 416 203-3044
Email cj@stripped


Thread
Security in Perl/CGIChristopher R. Jones1 Oct
  • Re: Security in Perl/CGIMartin Ramsch1 Oct
  • Re: Security in Perl/CGIPaul DuBois1 Oct