cgi with postgres

hey folks,

this is a security issue i'd like to get some info
on, i'm sure it's more with cgi than postgres, but
heck.

issue: how to secure cgi's that access postgres

problem: passwords for postgres database are stored
      in plain text in scripts. (lets assume, perl,
      not a compiled language)

points:
    make cgi dir 711
    big deal, they can get the name of the file
    from the web, and copy it.

    set an obscure cgi script alias in apache
    big deal, they can read the cgi conf file.

    this is assuming they already have an account
    on the machine, something that cannot be ruled
    out.

question in short: how to make perl accessing databases
    more secure, so any jack can't modify a database.

thanks in advance.

Jeff MacDonald
jeff@hub.org

===================================================================
 So long as the Universe had a beginning, we can suppose it had a
creator, but if the Universe is completly self contained , having
no boundry or edge, it would neither be created nor destroyed
 It would simply be.
===================================================================