Tom Mac
2011-Mar-31 10:59 UTC
How to secure paypal signature, username and password stored in app_config
Hi I store paypal api username, password and signature as simple text in config/app_config.yml. I would like to know whether this can be protected , than just storing it as text which anybody can read from app_config.yml. Thanks Tom -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Tom Mac
2011-Apr-01 04:31 UTC
Re: How to secure paypal signature, username and password stored in app_config
Hi
I am using app_config.yml exactly like
http://railscasts.com/episodes/143-paypal-security
Please help
Thanks
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
Tim Shaffer
2011-Apr-01 12:28 UTC
Re: How to secure paypal signature, username and password stored in app_config
If you plan on encrypting it, you''ll need to store the encryption key somewhere. Someone who has access to your app_config.yml file would probably also have access to wherever you stored the encryption key. So you probably could encrypt it, but it wouldn''t really be solving anything. Why not just worry about not letting those who shouldn''t see the username and password have access to view app_config.yml? -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.