> On 05/11/06 17:02, [EMAIL PROTECTED] wrote: > (myself included -- I am not about to put my production db > password into a subversion repository that everyone in the company can > read).
On 5/11/06, Steven Armstrong <[EMAIL PROTECTED]> wrote: > For putting the dsn in the env I'm -1 as it may cause security problems. > IMHO the only place where such config as a dsn belongs is in a file, > ideally only readable by the executed program itself. Somewhat OT, but you guys do realize that if you're really concerned about the security of your DB password, you don't have to use one? Just ensure that only trusted machines can connect to the database server in the first place... -- "May the forces of evil become confused on the way to your house." -- George Carlin --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers -~----------~----~----~----~------~----~------~--~---
