http://blog.kineticweb.com/articles/tag/security en-us 40 Musings from a Ruby on Rails development team <p>During the Intro to Rails portion of tonight&#8217;s Philly on Rails, a question was raised asking if there was a better way to give Rails your database password, rather then storing it in the database.yml file.</p> <p>I tried the method below, which seems to work:</p> <div class="typocode"><pre><code class="typocode_ruby "><span class="ident">development</span><span class="punct">:</span> <span class="ident">adapter</span><span class="punct">:</span> <span class="ident">mysql</span> <span class="ident">database</span><span class="punct">:</span> <span class="ident">whatever_development</span> <span class="ident">username</span><span class="punct">:</span> <span class="ident">whatever</span> <span class="ident">password</span><span class="punct">:</span> <span class="punct">&lt;%=</span><span class="string"> gets %&gt; socket: /tmp/mysql.sock</span></code></pre></div> <p>The first time the database is accessed by Rails, you can simply enter the password at the script/server prompt and you&#8217;re in business.</p> <p>However, I&#8217;m not sure how this would work with the -d option on script/server. I imagine it would not work.</p> <p>Update: <a href="http://pragdave.pragprog.com/pragdave/2007/04/prompting_for_r.html">PragDave has some thoughts on this, too.</a></p> Mon, 06 Aug 2007 18:43:00 -0400 urn:uuid:d75b24a9-b775-416d-a8d2-3f121dbe9501 Colin A. Bartlett http://blog.kineticweb.com/articles/2007/08/06/securing-your-database-yml Rails security MySQL http://blog.kineticweb.com/articles/trackback/52