On Fri, Sep 3, 2010 at 5:20 PM, Nate Coraor nate@bx.psu.edu wrote:
Peter wrote:
Or, do you just recommend a single "galaxy" user in PostgreSQL/MySQL which has complete control over the Galaxy database? Simple, but less secure.
This is preferred since as we change the schema, additional create/drop/alters will be required. Although slightly less secure, it has never been an issue. Make regular database backups and there's nothing to worry about.
--nate
Hi Nate (and others),
I have a follow up question, perhaps an SQLalchemy question really, but can we hide the Galaxy user's PostgreSQL password in file universe_wsgi.ini in the database_connection string?
The documentation says to use this format:
database_connection = postgres://user:pass@host/galaxy
Is there any alternative - like passing the MD5 hash of the password? Or do we just have to make sure that the Unix permissions of universe_wsgi.ini are suitably locked down to prevent exposing the password?
(I may be worrying too much - but better safe than sorry)
Thanks,
Peter