XP is just a number | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
How secure is /Inetpub/Secure/foo.dat from other users on the server? The thing I like about Apache suExec is that I can set 'chmod 600 /Inetpub/Secure/foo.dat' to protect the contents while retaining cgi access. I've been setting up private ~/lib directories that way. Can readers of the config be tricked into remembering too much? The polymorphisn you set up is a specialization to certain arguments of the stock DBI::connect method. Perhaps if your modules are sufficiently unreadable to the world, you can let each module take care of its own $dbuser and $dbpass using the same bareblocked closure you quote, but without the need for a synched config file. A module then knows its own secrets, and no other secrets are exposed to it. Security is pretty often at odds with maintainability, and I think your question is an example of that. Apache suExec requires extra care. I wouldn't develop for it without taint on. After Compline, In reply to Re: Best practice with polymorphic constructors
by Zaxo
|
|