I would like to restrict the access to the deploy.rb file to prevent any
mods from anybody that could cause major issue in production zone for
instance.
I do know that I can keep the deploy.rb any from the project. I’d like
to know some real world process for this.
Thank you
Rémi
Rémi Gagnon wrote:
I would like to restrict the access to the deploy.rb file to prevent any
mods from anybody that could cause major issue in production zone for
instance.I do know that I can keep the deploy.rb any from the project. I’d like
to know some real world process for this.Thank you
Rémi
I recommend having the deploy script prompt for passwords (SSH, SVN/Git,
etc) instead of baking them in in plain text. That way the script is
useless without credentials.
Jeremy Weiskotten wrote:
Rémi Gagnon wrote:
I would like to restrict the access to the deploy.rb file to prevent any
mods from anybody that could cause major issue in production zone for
instance.I recommend having the deploy script prompt for passwords (SSH, SVN/Git,
etc) instead of baking them in in plain text. That way the script is
useless without credentials.
+1. Additional things that you can undertake:
Use SSH keys. The best security model relies on something that you
know (credentials) plus something that you have (private keys).
Keep a deploy.example.rb file under source control and set the actual
deploy.rb to ignore. This is not a substitute for prompting passwords!
You can use it to add a layer of obscurity for your repository URL and
server hostnames.
–
Roderick van Domburg
http://www.nedforce.com
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs