| From: | "Jeff MacDonald <jeff(at)pgsql(dot)com>" <jeffm(at)pgsql(dot)com> |
|---|---|
| To: | |
| Cc: | Alfred Perlstein <bright(at)wintelcom(dot)net>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Jeff MacDonald <jeff(at)hub(dot)org>, pgsql-general(at)hub(dot)org |
| Subject: | Re: [GENERAL] cgi with postgres |
| Date: | 2000-01-17 03:47:08 |
| Message-ID: | Pine.BSF.4.10.10001162346500.435-100000@rage.hub.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
ok.
lets get back to the point, i'm not worried about webusers,
so .htaccess is not an issue.
this all arouse when one of hub's clients who runs a course
evaluation system asked
'what's to stop someone from logging in to hub, writing a script
with my name in user=user in the dbi::connect function. then
making it enter a bunch of bogus data.'
at first i thought gee well just put a passwd on the database,
then i thought, gee that's stupid since it's stored in plain text.
======================================================
Jeff MacDonald
jeff(at)pgsql(dot)com irc: bignose on EFnet
======================================================
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Reinke | 2000-01-17 04:57:11 | Re: [GENERAL] cursors |
| Previous Message | moebius | 2000-01-17 01:34:17 | Re: [GENERAL] Debian php3+postgresql unable to connect |