Good point. Personally, I agree about keeping credentials out of version
control, but I have had an employer who disagrees. Of course that's only
suitable for a completely private repository.
On Thu, Mar 21, 2013 at 4:58 PM, Alan Johnson wrote:
> I think hardcoding local machine development pa
On 22/03/2013 7:58am, Alan Johnson wrote:
I think hardcoding local machine development passwords is fine, but it's
still better to store the production passwords in a key-value file that
stays out of source control and is permissioned such that only
authorized developers can directly access the s
I just picked up a copy of "Two Scoops of Django". It covers this
very, and much more in the area of project setup and management with
Django. Some great lessons learned in this book. Well worth the
investment. See the Django resources page for the link.
HTH,
--Tim
On Thu, Mar 21, 2013 at 11:
I think hardcoding local machine development passwords is fine, but it's
still better to store the production passwords in a key-value file that
stays out of source control and is permissioned such that only authorized
developers can directly access the server or the credential file. Of course
Are you doing this for password security? If so, note that, while not
quite as easy as scraping command line argument, your environment is
avilable via /dev/mem, and is trivially available to any Trojan that an
attacker can convince this shell or any of its children (such as Django or
any manage.p
I have a common.py, dev.py, and prod.py for my Django settings files. All
files inherit from common.py. I want to keep my database passwords,
database URL, etc stored as environment variables. I have researched the
topic but I am not sure If I have a clear understanding of it. I am hoping
I can
6 matches
Mail list logo
