On 2000-01-14, Alfred Perlstein mentioned: > > issue: how to secure cgi's that access postgres > > > > problem: passwords for postgres database are stored > > in plain text in scripts. (lets assume, perl, > > not a compiled language) > > > > points: > > make cgi dir 711 > > big deal, they can get the name of the file > > from the web, and copy it. > > how about sourcing a conf file that's in a 700 dir? Security through obscurity is little security indeed. -- Peter Eisentraut Sernanders väg 10:115 [EMAIL PROTECTED] 75262 Uppsala http://yi.org/peter-e/ Sweden ************
- [GENERAL] cgi with postgres Jeff MacDonald
- Re: [GENERAL] cgi with postgres Peter L. Berghold
- Re: [GENERAL] cgi with postgres Alfred Perlstein
- Re: [GENERAL] cgi with postgres Jeff MacDonald
- Re: [GENERAL] cgi with postgres Alfred Perlstein
- Re: [GENERAL] cgi with postgres Peter Eisentraut
- Re: [GENERAL] cgi with postgres Alfred Perlstein
- Re: [GENERAL] cgi with postgres Ron Chmara
- Re: [GENERAL] cgi with postgres Alfred Perlstein
- Re: [GENERAL] cgi with postgres Ron Chmara
- Re: [GENERAL] cgi with postgres Mike Mascari
- Re: [GENERAL] cgi with postgres The Hermit Hacker
- Re: [GENERAL] cgi with postgres Peter Eisentraut