Come for the quick hacks, stay for the epiphanies. | |
PerlMonks |
Re: Re: Re: Secure ways to use DBI?by phydeauxarff (Priest) |
on Apr 17, 2003 at 12:56 UTC ( [id://251179]=note: print w/replies, xml ) | Need Help?? |
I may be misunderstanding your point about storing the password in a file "makes it more difficult to control security". We have several hundred pages of CGI that have to access our mySQL database and in our own attempt to make the system more secure (this system is not on a public web, but only available to our employees..but still, it doesn't hurt to be careful) as well as easier to code and manage, we store the mySQL username/password info in a seperate file .
Here is the code for the file that sets up the mySQL connection
We can then make our mySQL setups in each of our CGI scripts with
this gives us not only the security of not having the mySQL username/passwords in the CGI but also makes it very easy to change the username/passwords on the server since they are stored in one location.
In Section
Seekers of Perl Wisdom
|
|