On Fri, Sep 3, 2010 at 5:20 PM, Nate Coraor <nate(a)bx.psu.edu> wrote:
> Or, do you just recommend a single "galaxy" user in
> PostgreSQL/MySQL which has complete control over
> the Galaxy database? Simple, but less secure.
This is preferred since as we change the schema, additional
create/drop/alters will be required. Although slightly less secure,
it has never been an issue. Make regular database backups and
there's nothing to worry about.
Hi Nate (and others),
I have a follow up question, perhaps an SQLalchemy question
really, but can we hide the Galaxy user's PostgreSQL password
in file universe_wsgi.ini in the database_connection string?
The documentation says to use this format:
database_connection = postgres://user:pass@host/galaxy
Is there any alternative - like passing the MD5 hash of the
password? Or do we just have to make sure that the Unix
permissions of universe_wsgi.ini are suitably locked down
to prevent exposing the password?
(I may be worrying too much - but better safe than sorry)