Setting permissions for cgi in home to read config

Hi all,
Here's the scenario.
I am on a shared host, but have a lot of freedom (apparently).
I have placed my Perl in a directory in my home. I also have a .config file that I want set to 600 (700 works too) in home. I want the Perl to be able to read the config file, but I keep getting a permissions error unless the config file is set to 644, minimum. Is 600 possible? Thx!

That would only be possible if the cgi script is run as your local user, which clearly it isn't. At a push you could try assigning your user to the same group that your script is being run as and set it to 640...

You should be wary about storing settings in plaintext. In addition, make sure your home directory is modded to 700 so other users won't be peeking in

1) How does one know that the cgi script is run as a local user or not?
2) So, if I encrypt the settings, where do I keep the key?

Thanks!

1. it isn't being run as a local user, that's shown because it isn't working on 700, obviously the user its being run as doesn't have priveleges.

Eg. on our servers, apache runs as the user 'apache' in the group 'apache'. thus, you either change your usergroup (not practical) or permission it better.

2. Well, what does your script do? There will be a way to get away with not having that file at all.

First, what do you mean by "permission it better?" Is it possible for my Perl in this root directory to read these 600/700 config files?

Secondly, the config files contain plain text database connect parameters that are read in by the scripts so they can connect to the various databases when they run.

I want security to be tight. But where should what reside? I don't believe I want to hard code my DB connect info in my scripts. And if I encrypt the config info, then what do I do with my key?

Thanks!!

i think the best option then would be to make it world-readable