On Fri, Feb 12, 2010 at 12:49 PM, Rishi Ramraj
<[email protected]>wrote:
> While not directly related to wsgi, I presume you all have this
> problem; how do you protect sensitive configuration information like
> database connection strings when using WSGI? The best method I've
> found to date is to put the sensitive information in my .wsgi file.
> Then set the file level permissions so that my web server is the only
> user that can execute it (all other users can't read write or
> execute). Has anyone found any (better) alternatives?
>
I put the DB connection info in another file like .dbconn and load that from
the wsgi file (or Django settings.py); that way only this little file needs
securing, and I can check all my code into version control without including
the connection string.
- Gulli
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/modwsgi?hl=en.
