Secure, Reliable way of handling Credit Card numbers
Brad Bollenbach
bbollenbach at homenospam.com
Thu Apr 19 22:24:08 EDT 2001
Hi,
I'm doing a shopping cart site for a client and am now trying to find out
the best (read, "as secure as possible") way to handle credit card
information. Some related info:
- The credit card numbers need to remain persistent in 2 other places than
where they were entered, 1.) A "confirmation" screen, and 2.) After
confirming, an email will be sent with all the customer's data.
- The box on which this CGI program runs has multiple users, and is Red Hat
Linux 6.2
- I do not control this box
- The idea of somebody getting root on the box, and then putting a trojan in
place of my app to send off all the cc numbers their way scares me :)
Ideally, I'm trying to think of a way to do this so that the cc numbers
never touch the disk.
- The cc numbers need to be both encrypted and decrypted (well, I'm assuming
this will be a necessary security step), and this will be done with the same
program.
So can anyone recommend a good technique to securely handle credit card
numbers that need to somehow be persistent? Again, after being entered on one
form, they then need to be displayed once on a "Confirmation" screen, and
then when the user "confirms" they need to be emailed to my client, all of
which has to be done securely of course :)
Any help is appreciated.
--
Brad Bollenbach, Python Hacker