ok.
lets get back to the point, i'm not worried about webusers,
so .htaccess is not an issue.
this all arouse when one of hub's clients who runs a course
evaluation system asked
'what's to stop someone from logging in to hub, writing a script
with my name in user=user in the dbi::connect function. then
making it enter a bunch of bogus data.'
at first i thought gee well just put a passwd on the database,
then i thought, gee that's stupid since it's stored in plain text.
======================================================
Jeff MacDonald
jeff@pgsql.com irc: bignose on EFnet
======================================================