[jifty-devel] DSN-related issue with user/password input

Jason May jason.a.may at gmail.com
Tue Nov 27 23:23:15 EST 2007


When I was testing a Jifty application and I had authentication errors, I
noticed from DBI->connect's warn that "user=foo;password=bar" is being put
into the DSN. This is a problem, because this exposes the password if DBI
connect connect to the database. It's also redundant, because the user and
password are passed into the second and third argument of DBI->connect as
well as via the DSN. If you want me to, I can make the fix.

Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.bestpractical.com/pipermail/jifty-devel/attachments/20071127/9dae8fa5/attachment.htm


More information about the jifty-devel mailing list