Is MiniVend secure?
Maybe. It has been downloaded over 500,000 times (it is available at 50+ FTP sites, so it is unknown how many more times than that) with no reported system security problems. It uses the Perl Safe.pm module for user-embedded Perl subroutines and conditionals, which makes using those fairly carefree.

However, there are definite potential problems with credit card number security that can be avoided:

• Unencrypted credit card numbers stored on disk. If you don’t use MiniVend’s encryption capability for encrypting credit card numbers, or the real-time payment (CyberCash, etc.) interface, then there will be unencrypted credit card numbers present in your session database files. If your system is the target of a break-in, then these numbers would be available to any user ID that can read the session files. This is the reason MiniVend defaults to read/write permission for the MiniVend user only.

• Unencrypted credit card numbers sent via email. The same things apply for orders sent via email. If
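The stored-on-disk risk above can be checked from the administrator's side. The following is an added example, not part of MiniVend: it audits a session directory for files readable by group or other and counts Luhn-valid card-like digit runs in each file. It assumes the caller supplies the session directory path and that any stored numbers appear as contiguous ASCII digits; the sample files are constructed.

```python
import os
import re
import stat
import tempfile

# Runs of 13-16 digits are candidate card numbers; Luhn filters most noise.
CANDIDATE = re.compile(rb"(?<!\d)\d{13,16}(?!\d)")

def luhn_ok(digits: bytes) -> bool:
    """Return True if the ASCII digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = (ch - 48) * (2 if i % 2 else 1)  # double every second digit
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def audit_session_dir(path):
    """Return (file, group_or_other_access, card_like_count) per regular file."""
    findings = []
    for root, _dirs, files in os.walk(path):
        for name in sorted(files):
            full = os.path.join(root, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue
            loose = bool(st.st_mode & (stat.S_IRWXG | stat.S_IRWXO))
            with open(full, "rb") as fh:
                hits = sum(1 for m in CANDIDATE.finditer(fh.read()) if luhn_ok(m.group()))
            findings.append((os.path.relpath(full, path), loose, hits))
    return findings

def demo():
    """Build a constructed session directory and audit it."""
    with tempfile.TemporaryDirectory() as d:
        samples = {  # constructed data; 4111... is a widely used test number
            "session.a": (b"name=Test\x00cc=4111111111111111\x00", 0o600),
            "session.b": (b"order=1234567890123456 items=2", 0o644),
        }
        for name, (data, mode) in samples.items():
            p = os.path.join(d, name)
            with open(p, "wb") as fh:
                fh.write(data)
            os.chmod(p, mode)
        return audit_session_dir(d)

if __name__ == "__main__":
    for rel, loose, hits in demo():
        print(f"{rel}: group/other access={loose}, card-like numbers={hits}")
```

A file that reports both group/other access and a non-zero count is the case the first bullet describes: unencrypted numbers readable by user IDs other than the MiniVend user.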