pikz wrote: > I would like to ask if it's less secure to grant all privileges in > MySQL to the user running the application, instead of having the > password in the database.yml file?
I don't understand this question. The database.yml file specifies both the mysql user and the password for the specified user used to connect to the database. I think what you're getting at is whether to put the literal password in the database.yml file or store the password separately in a file, which is then stored in a secure location. Then reference that file to get the password. This is often done for the :production settings in the database.yml file. If I remember right this Railscasts episode shows how to do this: http://railscasts.com/episodes/85-yaml-configuration-file -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
