If you decide to just put it in code, use some sense about it. Be sure it is done such that if a stack trace gets dumped to the user's screen you do not publish it.
If you wanted to get clever about it you could use some deploy wrapper and some tactics already mentioned. Have a deploy script that asks for the key on every deploy. It can then randomly select some encryption key and how to break the encrypted key up and then set some placeholder parameters in code telling the app how to put it back together and decrypt. The needed parts to reassemble and decrypt can then be stored partially in-code and in the datastore (and I would guess you'll memcache this encrypted part for performance reasons). The key is never locally stored in any form in code that is kept around, and the datastore record is essentially useless unless you know things that are stored in the production code. Of course this could still be easily bypassed if you are using appstats, since you can use it to view production code. :)

Realistically I would do what everyone else suggested. Use some basic encryption and keep it in the datastore.

Robert

On Fri, Sep 24, 2010 at 13:51, timwhunt <[email protected]> wrote:
> I think Eli makes some very good points. One small follow on: To keep it simple, you might just divide the key string in half, and put the first half in code and the second half in the datastore. You could use some encryption as Eli suggests, but if someone has access to your code and datastore, it would probably be trivial for them to run the decryption code so that extra hassle doesn't seem to buy much more security. On the other hand running that decryption code could be the little bit of effort that holds them back. It's all just your choice of effort to make it hard vs. how much protection that buys you.
>
> --
> You received this message because you are subscribed to the Google Groups "Google App Engine" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to [email protected].
> For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
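The scheme discussed above (one piece of the key baked into deployed code, the other in the datastore, with nothing printable on a stack trace) as an added Python example; this is not code from the thread or from App Engine, and a plain dict stands in for the datastore. It goes one step beyond timwhunt's "divide the string in half": the two pieces are XOR shares against a random pad, so a single piece on its own reveals nothing about the key, and the reassembled key lives in a holder whose `repr` is redacted so a dumped traceback shows only its length.

```python
import os
import hmac
import hashlib

# Constructed stand-in for the App Engine datastore (a plain dict here).
FAKE_DATASTORE = {}


def split_secret(secret: bytes):
    """Split a secret into two XOR shares.

    share_a is a random one-time pad, share_b = secret XOR pad.
    Either share alone is indistinguishable from random bytes;
    both are required to recover the secret.
    """
    pad = os.urandom(len(secret))
    other = bytes(a ^ b for a, b in zip(secret, pad))
    return pad, other


def combine_shares(share_a: bytes, share_b: bytes) -> bytes:
    """Recover the secret from its two shares."""
    if len(share_a) != len(share_b):
        raise ValueError("share length mismatch")
    return bytes(a ^ b for a, b in zip(share_a, share_b))


class Redacted:
    """Holds a secret but never prints it.

    repr()/str() are what end up in tracebacks, logs and debug pages,
    so both are overridden to show only the length.
    """
    __slots__ = ("_value",)

    def __init__(self, value: bytes):
        self._value = value

    def __repr__(self):
        return "<Redacted secret: %d bytes>" % len(self._value)

    __str__ = __repr__

    def use(self, fn):
        """Apply fn to the raw secret without exposing it as an attribute."""
        return fn(self._value)


def deploy(secret: bytes) -> bytes:
    """Simulated deploy script (hypothetical): split the key, write one
    share to the datastore, and return the share to bake into the code."""
    code_share, ds_share = split_secret(secret)
    FAKE_DATASTORE["api_key_share"] = ds_share
    return code_share


def load_secret(code_share: bytes) -> Redacted:
    """At runtime, fetch the datastore share and reassemble the key."""
    ds_share = FAKE_DATASTORE["api_key_share"]
    return Redacted(combine_shares(code_share, ds_share))


def sign_request(secret: Redacted, body: bytes) -> str:
    """Example consumer: HMAC a request body with the reassembled key."""
    return secret.use(lambda k: hmac.new(k, body, hashlib.sha256).hexdigest())


if __name__ == "__main__":
    # Constructed sample key; a real deploy script would prompt for it.
    code_share = deploy(b"constructed-example-api-key")
    key = load_secret(code_share)
    print(key)  # prints only "<Redacted secret: 27 bytes>"
    print(sign_request(key, b"GET /v1/items"))
```

Note that this only raises the bar described in the thread: anyone who can read both the deployed code and the datastore record can run `combine_shares` themselves, which is exactly timwhunt's caveat.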
