The way I've gotten around this problem in the past is writing an installation script that generates our wsgi file and installs it in the correct location. The configuration for the install files are stored in ~/.installConfig, so developers can easily customize and persist their own settings.
Have you noticed any performance problems associated with having to read the settings from disk on every request (that touches the database)? On Feb 12, 9:50 am, Gunnlaugur Thor Briem <[email protected]> wrote: > On Fri, Feb 12, 2010 at 12:49 PM, Rishi Ramraj > <[email protected]>wrote: > > > While not directly related to wsgi, I presume you all have this > > problem; how do you protect sensitive configuration information like > > database connection strings when using WSGI? The best method I've > > found to date is to put the sensitive information in my .wsgi file. > > Then set the file level permissions so that my web server is the only > > user that can execute it (all other users can't read write or > > execute). Has anyone found any (better) alternatives? > > I put the DB connection info in another file like .dbconn and load that from > the wsgi file (or Django settings.py); that way only this little file needs > securing, and I can check all my code into version control without including > the connection string. > > - Gulli -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
