Yes I don't consider this high risk. The only problem I see is that people know that they have the password in db.py while they have no idea that it can also be in the cache if they use cacheable selects. Another problem is that this password can be seen by just reading the filename whereas you need to actually read db.py to see it.
-- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
