Re: how to be safe and secure

2002-08-30 Thread brian gilbert
Hey, great discussion folks! Thanks for all the tips. Some of that is a bit of a stretch for this beginner, but it gets me going in the right directions. Off to learn more about DBM... And yes, in this case the server is Win2k. Unfortunately the scripts have to be run by the world at large

Re: how to be safe and secure

2002-08-30 Thread doug
Of course, making sure CGI isn't readable is the only real bastion you've got with interpreted Perl. Some other things to think about: 1) Make sure the SQL server is locked down! Ensure that it'll at a minimum accept connections from only certain IP addresses. Don't rely on mere password encry

Re: how to be safe and secure

2002-08-29 Thread david
Drieux wrote: > > a) use DB_FILE; is not required > or were you being polite about it and vectoring > back to the traditional and meant to imply resetting > the cache size, etc, etc, etc no, it's the result of a bad copy/paste. 'use DB_FILE' is not required in this case. > > b) there is t

Re: how to be safe and secure

2002-08-29 Thread drieux
On Thursday, August 29, 2002, at 02:32 , david wrote: [..] > from Brian's code, it seems to me that he's running a windows machine so > the > getpw* stuff you refer to might not be available for him. again, i seldom > develop anything in windows, so i can't be sure. [..] given that I do not ha

Re: how to be safe and secure

2002-08-29 Thread david
from Brian's code, it seems to me that he's running a windows machine so the getpw* stuff you refer to might not be available for him. again, i seldom develop anything in windows, so i can't be sure. if you are worried about that someone will manually open the config(text base) file, you might w

Re: how to be safe and secure

2002-08-29 Thread drieux
On Thursday, August 29, 2002, at 11:44 , david wrote: [..] > > $dsn = > $usr = > $psw = > > my $db = new Win32::ODBC("fileDSN=$dsn; uid=$usr; psw=$psw"); > > that should avoid the horrifying "listing" effect... my compliments - there is the part about the uid and psw that you could get with

Re: how to be safe and secure

2002-08-29 Thread david
i am not a Windows guy and i am limited on what i know about ODBC. but why not put your id and password in a config file so that your connect statement will look like: $dsn = $usr = $psw = my $db = new Win32::ODBC("fileDSN=$dsn; uid=$usr; psw=$psw"); that should avoid the horrifying "listin

how to be safe and secure

2002-08-29 Thread brian gilbert
I asked earlier about a way to hide my password in the script, when calling an SQL connection with a line like: my($db) = new Win32::ODBC("fileDSN=myodbc.dsn; uid=myID; pwd=mysecret"); No answers, so let me ask another way: what steps should we take to keep our scripts and embedded passwords