When I was testing a Jifty application and I had authentication errors, I noticed from DBI->connect's warn that "user=foo;password=bar" is being put into the DSN. This is a problem, because this exposes the password if DBI connect connect to the database. It's also redundant, because the user and password are passed into the second and third argument of DBI->connect as well as via the DSN. If you want me to, I can make the fix.
Jason
_______________________________________________ jifty-devel mailing list [email protected] http://lists.jifty.org/cgi-bin/mailman/listinfo/jifty-devel
