"Cox, Todd (NCI)" <[EMAIL PROTECTED]> writes:
> I have a few Perl scripts that updates our Novell Directory using the
> Net::LDAP module. My question is I have created a ldap properties file that
> has the bind user and a few other items like scope and base. I would like
> to know the best way to secure this file but still have my scripts able to
> access it. I am currently running apache 1.2.3 under Linux 7.1.
>
> Any thoughts are appreciated.
Placing the properties file out of the web-directory tree
(e.g:
~/htdocs/ == directory root
~/var/properties/ == place to put property files
)
and making sure your properties file is read-only for the user that is
running the cgi-bin process (with suEXEC this would be whoever's home
directory it is in the above example) and running suEXEC.
If your cgi-bin directory is at: ~/cgi-bin/ then just load up the
properties file as:
open PROPERTIES, "<../var/properties/nds.csv";
# etc
If you're unable to run the cgi-bin with suEXEC, you might conider
encrypting the properties file using public key encryption but I've
only done the former suggestion myself.
Elizabeth
