http://yanpritzker.com/2006/08/29/encrypted-db-passwords-for-rails-with-databaseyml-and-erb/ photographer, entrepreneur, software engineer, musician, skier Mon, 14 May 2012 16:09:28 +0000 hourly 1 http://wordpress.org/?v=3.2.1 http://yanpritzker.com/2006/08/29/encrypted-db-passwords-for-rails-with-databaseyml-and-erb/comment-page-1/#comment-23636 Riju Thu, 26 Mar 2009 06:48:02 +0000 http://skwpspace.com/?p=17#comment-23636 We can do this by overriding the rails configuration class database_configuration function and in the config/boot.rb, when we call rails initializer, we pass our overrided configuration class instead of default configuration class We can do this by overriding the rails configuration class database_configuration function and in the config/boot.rb, when we call rails initializer, we pass our overrided configuration class instead of default configuration class

]]> http://yanpritzker.com/2006/08/29/encrypted-db-passwords-for-rails-with-databaseyml-and-erb/comment-page-1/#comment-8237 sjvfwcrfnz Mon, 17 Sep 2007 08:43:24 +0000 http://skwpspace.com/?p=17#comment-8237 poker chips ace jack poker chips ace jack

]]> http://yanpritzker.com/2006/08/29/encrypted-db-passwords-for-rails-with-databaseyml-and-erb/comment-page-1/#comment-8235 ohthklyhad Mon, 17 Sep 2007 08:42:32 +0000 http://skwpspace.com/?p=17#comment-8235 <a href="http://ca.geocities.com/k9299stories/xbbav/gay-teens-wrestling.htm" rel="nofollow">gay teens wrestling</a> gay teens wrestling

]]> http://yanpritzker.com/2006/08/29/encrypted-db-passwords-for-rails-with-databaseyml-and-erb/comment-page-1/#comment-146 yan Tue, 26 Sep 2006 16:06:32 +0000 http://skwpspace.com/?p=17#comment-146 Nathan, in theory your keyfile should be readable only by a system user, as should your database.yml file. Assuming your intruder has already gained access to the files, it still means he has to understand how to invoke the decryption scheme, so it's adding one more step to the breakin process. For example if your attacker didn't understand Ruby he could still read the password out of your file, but if it's encrypted now he has to go through the decryption step. It's not foolproof but neither is the lock on the door to your house. It's just there as a deterrent. Nathan, in theory your keyfile should be readable only by a system user, as should your database.yml file. Assuming your intruder has already gained access to the files, it still means he has to understand how to invoke the decryption scheme, so it’s adding one more step to the breakin process. For example if your attacker didn’t understand Ruby he could still read the password out of your file, but if it’s encrypted now he has to go through the decryption step. It’s not foolproof but neither is the lock on the door to your house. It’s just there as a deterrent.

]]> http://yanpritzker.com/2006/08/29/encrypted-db-passwords-for-rails-with-databaseyml-and-erb/comment-page-1/#comment-145 Nathan Tue, 26 Sep 2006 13:13:03 +0000 http://skwpspace.com/?p=17#comment-145 If someone already had access to your database.yml file, wouldn't they also conceivably have access to your key file and general encryption routine? If that is true, it seems like the encryption process would boil down to little more than simple obfuscation. If someone already had access to your database.yml file, wouldn’t they also conceivably have access to your key file and general encryption routine? If that is true, it seems like the encryption process would boil down to little more than simple obfuscation.

]]>