Hi,
I want to build a database application based on mod_perl and Apache::DBI.
The goal of Apache::DBI is to get persistent database connections using
only
one database user because of resource limits. The problem I see is that
the
password for connecting to the database is clear readable in the
On Fri, 15 Nov 2002, [iso-8859-1] Faßhauer, Wolfgang, FCI3 wrote:
Have you thought of running your webserver as some 'www' user? You can
then make your scripts readonly by a 'dev' group which the www user and
the developes are members of.
CORRECT:
'readonly' should be 'only readable' by
Yes, that's our plan, too. But the risk still remains that someone
will get a look to the script. I think, there is a golden rule: Never put
clear text passwords in files. Those files are stored in archives by backup
for example. There maybe a lot of people (sysadmin, developer, ...)
On Fri, 15 Nov 2002, [iso-8859-1] Faßhauer, Wolfgang, FCI3 wrote:
Hmm. I think that the guy who wrote Blowfish_PP would cut my
danglies off
for that one.
This is an interesting idea.
Cutting my danglies off? hmm. Sounds painful.
Many thanks to you, Rafiq!
s'ok, although I wouldn't implement
On Fri, Nov 15, 2002 at 12:52:13PM +, Rafiq Ismail (ADMIN) wrote:
$Apache::PARANOID::dbiPassword
= $bfish-decrypt($encryptedPassword);
then whenever you want your password you access
$Apache::PARANOID::dbiPassword.
Hmm. I think that the guy who wrote Blowfish_PP would cut my
=?iso-8859-1?Q?=22Fa=DFhauer=2C_Wolfgang=2C_FCI3=22?= [EMAIL PROTECTED]
ads.net wrote:
Hi,
I want to build a database application based on mod_perl and Apache::DBI.
The goal of Apache::DBI is to get persistent database connections using
only
one database user because of resource limits. The