Here's the situation: I have a Perl CGI script which references a file. The second file contains a password.
The password is required to access the database which is used by the CGI application I'm writing.
Now the Perl CGI file definitely has to be readable and executable by the webserver. What about the file with the password? It should also be readable by the webserver daemon.
Problem is that anyone else whose scripts run on the same server can simply cat the file using their own CGI scripts and see the passwords etc.
So how is this fixed?