Probably not the correct place to ask this, but I’m sure it’s something
which would affect a lot of Rails deployments…
Should you make the ‘database.yml’ file readable only to the app process
(e.g. mongrel) - as it contains the database password. Does this offer
any security?
~ Mark