For Programmers: Free Programming Magazines  


Home > Archive > PERL CGI Freelance > March 2004 > How to prevent connection string from being public?









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author How to prevent connection string from being public?
James Henson

2004-03-19, 1:25 pm


I'm using a MySQL database from within some Perl cgi's. To
make the connection, I have to supply the username/password
in the connection string. This info is readable for anyone
that can view my code, e.g. all other users that can access
the webserver directly, or by some possible exploit.

How can I avoid this? I can't have my own webserver, obviously.

I have set up the database server so it only accepts connections
from the webserver box, but that doesn't help with the above
problem.

Any pointers?

James

Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com