Protecting a perl program

Tkil tkil-sdpm at
Fri May 17 01:16:35 CDT 2002


>>>>> "Joel" == Joel Fentin <joel at> writes:

Joel> 1. Is there a *standard* way of requiring user name & password
Joel>    before I let someone run a perl program on the www?

There are multiple ways of doing it; no one way is standard, because
there's no one definition of when someone is authorized.
Authentication can be done by the HTTP server and/or by your code.

Joel> 2. Do I put an .htpasswd file in the cgi-bin directory? This (if
Joel>    it works) carries the disadvantage that all programs in that
Joel>    directory require UN & PW.

If you're using apache, you typically use .htaccess files in the live
areas (or in your httpd.conf); the .htuser and .htgroup files are
typically outside the served document tree, so there is no chance at
all that anyone could download them.

.htpasswd might be a new feature I'm not familiar with.  But I've
never heard of it before.

Joel> 3. Or do I code the protection right into the program? 

You can.

Joel> 4. Or some other way?


For lots more information.


The posting address is: san-diego-pm-list at

List requests should be sent to: majordomo at

If you ever want to remove yourself from this mailing list,
you can send mail to <majordomo at> with the following
command in the body of your email message:

    unsubscribe san-diego-pm-list

If you ever need to get in contact with the owner of the list,
(if you have trouble unsubscribing, or have questions about the
list itself) send email to <owner-san-diego-pm-list at> .
This is the general rule for most mailing lists when you need
to contact a human.

More information about the San-Diego-pm mailing list