that issue is unfortunately one of the great mythological stories of business application development, how to configure an application such that the database credentials are not present in a config file where they can be viewed.
the scope of that issue is way outside of SQLAlchemy and personally I don't think there is really any feasible solution to that problem - not that the credentials can't be encrypted, but it implies that there's a decryption key right nearby, which renders the whole situation basically security theater. Even if you have some super sophisticated remote-server kind of approach, if an attacker is on the machine where the software is, the Python code is right there; they can run whatever routines your Python code uses to get these credentials into memory and then they have them. However, anyone that's worked in app dev for more than 5 years has had to deal with managerial teams that are trying to make it happen and perhaps theater is all you need. There's a good stackoverflow rundown of the full issue I found at https://security.stackexchange.com/a/22858 . On Fri, May 15, 2020, at 12:30 PM, Terrence-Monroe: Brannon wrote: > Hello, what is the recommended way to encrypt/hide the connection information > that SA will use to connect to an Oracle database? > > Related gitter discussion - > https://gitter.im/sqlalchemy/community?at=5ebec23f20d9bf305768a247 > > > > -- > SQLAlchemy - > The Python SQL Toolkit and Object Relational Mapper > > http://www.sqlalchemy.org/ > > To post example code, please provide an MCVE: Minimal, Complete, and > Verifiable Example. See http://stackoverflow.com/help/mcve for a full > description. > --- > You received this message because you are subscribed to the Google Groups > "sqlalchemy" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to sqlalchemy+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/sqlalchemy/95561686-5404-423a-9453-fd0625111423%40googlegroups.com > > <https://groups.google.com/d/msgid/sqlalchemy/95561686-5404-423a-9453-fd0625111423%40googlegroups.com?utm_medium=email&utm_source=footer>. -- SQLAlchemy - The Python SQL Toolkit and Object Relational Mapper http://www.sqlalchemy.org/ To post example code, please provide an MCVE: Minimal, Complete, and Verifiable Example. See http://stackoverflow.com/help/mcve for a full description. --- You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To unsubscribe from this group and stop receiving emails from it, send an email to sqlalchemy+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sqlalchemy/0775f8c2-4dde-45f9-b7af-a9b5b24f9bb1%40www.fastmail.com.
