Capistrano: chmod 600 database.yml

mdaoust · May 6, 2008, 4:52pm

Would it be wise to chmod 600 your database.yml file using Capistrano
when deploying seeing as it contains your mysql db in plain text?

~ Mark

mdaoust · May 6, 2008, 5:05pm

On Tue, 6 May 2008, Mark D. wrote:

Would it be wise to chmod 600 your database.yml file using Capistrano
when deploying seeing as it contains your mysql db in plain text?

If your web server software is running under a different user id,
wouldn’t
that make it unreadable?

–
A

mdaoust · May 6, 2008, 5:45pm

Eno wrote:

If your web server software is running under a different user id,
wouldn’t that make it unreadable?

I guess! But couldn’t you just change the ownership of that file to the
application server process (e.g. mongrel) and then it wouldn’t matter if
no other users could read it?

mdaoust · May 6, 2008, 6:13pm

On May 6, 11:45 am, Mark D. [email protected]
wrote:

I guess! But couldn’t you just change the ownership of that file to the
application server process (e.g. mongrel) and then it wouldn’t matter if
no other users could read it?

Sure, if you have root access you can chown the file but you probably
won’t have root access on a shared server.