Consider database credentials - they should not be publicly available
/ downloadable from internet and they fall in same category -
sensitive information in settings.py .
Memcache credentials - in many cases memcache is unprotected .
I think docs should be updated to reflect sensitive settings.py
variables, which are confidential and provide "best practices" way
({local|secret}_settings.py ?) for deployment :). Perhaps manage.py
command to generate adequate strenght / randomness secret would be
beneficial .
Kristaps Kūlis
> --
> You received this message because you are subscribed to the Google Groups "Django developers" group.
> To post to this group, send email to django-d...@googlegroups.com.
> To unsubscribe from this group, send email to django-develop...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
>
>
settings.py already has a warning:
# Make this unique, and don't share it with anybody.
I usually keep the generated default in VCS, so that anyone other team
members don't have to put it in their localsettings.py. Staging and
production servers have their own settings anyway, so it's not really
a problem.
I'm not sure what exactly are you proposing. Do you want to change the
default project template or the docs ?
--
Łukasz Rekucki
Kristaps Kūlis
One problem is that there are simply so many options, there is no 'best'
way. Every assumption made in this thread holds only for some
situations. And the solutions are not at all Django specific - every web
site, with any technology, has this issue i.e. where to put sensitive
configuration information.
Django's settings file gives you enough power to put this information
anywhere you like, and our documentation already points out that you can
use any Python to set the values of settings. We could make this a bit
more explicit to point that this means you can store settings not only
in other Python files, but anywhere.
Luke
--
"I am going to let you move around more, just to break up the
mahogany." (True Quotes From Induhviduals, Scott Adams)
Luke Plant || http://lukeplant.me.uk/
Matthew Roy said:
> If I understand
> how it works the compromise of the SECRET_KEY alone doesn't put you in
> serious hot water unless the attacker can also intercept traffic.
The SECRET_KEY is secret for a number of very good reasons, and
compromise of it is quite likely to lead to compromise of your
application if the attacker is sufficiently motivated.
-Paul
I don't know what the best way is, but I will share what we do. In
addition to the regular settings.py we have site_settings.py (which is
not under version control) in the same directory. Then at the end of
settings.py we add this simple code:
# Run a separate python file not in version control for database
# settings and other sensitive information.
from os.path import dirname, join
execfile(join(dirname(__file__), 'site_settings.py'))
Cheers,
Ian
try:
from site_settings import *
except ImportError:
pass
No particularly compelling reason that I know of, the import machinery
is just unnecessary in this case. The site_settings.py is viewed as
an extension of the settings.py, so it doesn't need to be loaded as a
module in its own right. And for the same reason we know exactly
where we expect the file to be, so there's no need to consult
sys.path.
I suppose it just comes down to a matter of taste.
Cheers,
Ian
Interesting. I would have assumed that the reason is so that code in
site_settings.py has access to the previously defined values in the main
settings.py, and can actually modify them (i.e. append to
MIDDLEWARE_CLASSES or whatnot). With an import this is not possible.
Carl
# Include any local settings that override the defaults.try:execfile('local_settings.py')# Hack so that the autoreload will detect changes to local_settings.py.class dummymodule(str):__file__ = property(lambda self: self)sys.modules['local_settings'] = dummymodule('local_settings.py')except IOError:pass
That's a good reason too. It didn't occur to me because we don't
actually do that, and I'm having a hard time envisioning a scenario
where we might want to. It's good that it's not outside the realm of
possibility, though.