* Peter Eisentraut <peter_e@gmx.net> [000116 09:30] wrote:
> On 2000-01-14, Alfred Perlstein mentioned:
>
> > > issue: how to secure cgi's that access postgres
> > >
> > > problem: passwords for postgres database are stored
> > > in plain text in scripts. (lets assume, perl,
> > > not a compiled language)
> > >
> > > points:
> > > make cgi dir 711
> > > big deal, they can get the name of the file
> > > from the web, and copy it.
> >
> > how about sourcing a conf file that's in a 700 dir?
>
> Security through obscurity is little security indeed.
I don't see how using the unix permissions as a
form of ACL is security through obscurity... or do you
chmod 644 /etc/shadow on your boxes?
--
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]