I have a javascript script that will call a perl script to access a mysql database.

Normally my perl scripts go in the cgi-bin directory. If the perl script has to access the mysql database it would need mysql username/passwords. What is the best way to make those passwords secure? If the script is in the cgi-bin directory is that safe, or is there a better way?

It is my own server, so i can make many changes that couldn't be done if it was on a hosting server. the key is that I would like it to be as simple a solution as possible, and yet still provide security.

I'd say it's relatively safe. Being as the whole internet is only relatively safe you can never get more secure than that. You can put the names/passwords in an encrypted file that is above the www root folder. Your perl script can read that file, unencrypt (if necessary) the name and password and use them to access the mysql database.