securing your database.yml

Posted by Colin A. Bartlett Mon, 06 Aug 2007 22:43:00 GMT

During the Intro to Rails portion of tonight’s Philly on Rails, a question was raised asking if there was a better way to give Rails your database password, rather than storing it in the database.yml file.

I tried the method below, which seems to work:

development:
  adapter: mysql
  database: whatever_development
  username: whatever
  password: <%= gets %>
  socket: /tmp/mysql.sock

The first time the database is accessed by Rails, you can simply enter the password at the script/server prompt and you’re in business.

However, I’m not sure how this would work with the -d option on script/server. I imagine it would not work.
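An added example, not part of the original post: the same ERB hook fed from an environment variable instead of a prompt, so no terminal is needed, with the value quoted so that YAML does not reinterpret characters in the password. `DB_PASSWORD`, `db_password`, `load_config` and the sample password are assumptions made for the illustration.

```ruby
require 'erb'
require 'yaml'
require 'json'

# Builds a database.yml like the one in the post, with the given Ruby
# expression placed inside the ERB tag on the password line.
def template(expr)
  <<~YML
    development:
      adapter: mysql
      database: whatever_development
      username: whatever
      password: <%= #{expr} %>
      socket: /tmp/mysql.sock
  YML
end

RAW    = template("env['DB_PASSWORD']")  # raw interpolation, as with `gets`
QUOTED = template('db_password(env)')    # validated and quoted

# Hypothetical helper: fail closed when the variable is missing, and emit the
# value as a JSON string, which YAML reads as a double-quoted scalar.
def db_password(env)
  value = env['DB_PASSWORD']
  raise KeyError, 'DB_PASSWORD is not set' if value.nil? || value.empty?
  value.to_json
end

# Render the ERB first, then parse the result as YAML: the same two steps
# the post relies on when it puts an ERB tag in database.yml.
def load_config(yml, env)
  YAML.safe_load(ERB.new(yml).result(binding))
end

# Constructed sample value; a real deployment would pass ENV here.
sample_env = { 'DB_PASSWORD' => 'pa55 #word' }

# Raw interpolation: YAML treats " #word" as a comment and silently
# truncates the password.
puts load_config(RAW, sample_env)['development']['password']

# Quoted interpolation: the full password survives.
puts load_config(QUOTED, sample_env)['development']['password']
```

In an actual database.yml the helper's body would be written inline in the ERB tag, with `ENV` in place of the sample hash.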

Update: PragDave has some thoughts on this, too.