database adaptor password in production.log

11175 · April 11, 2008, 2:52pm

So, as I'm working on migrating my app from Rails 1.2.1 to Rails 1.2.6, suddenly my database adaptor password is showing up in production log on startup. This could be because use " ActiveRecord::Base.allow_concurrency = true" (I know, nobody else does and you'll tell me not to do it. But I've investigated it and it's working for me, that's not what this question is about).

So this didn't used to happen. But now, for some reason, the production log begins with:

allow_concurrency=true Defined connections: {"ActiveRecord::Base"=>#<ActiveRecord::Base::ConnectionSpecification:0xb6b52924 @config={:port=>XXXX, :username=>"XXXXXX", :database=>"XXXX", :password=>"XXXX", :adapter=>"mysql", :host=>"xxx.xxx.jhu.edu"}, @adapter_method="mysql_connection">}

Except with the X's. My actual database password is in production log. I'd rather avoid this. Anyone have any ideas for keeping this out of production.log?

Jonathan

Dale · April 18, 2008, 1:48am

Being new to the game, beats me why your password/etc. is showing in the log. You could find the offending entity by grepping the source...but I've seen most people replacing the logger with their own logger & thus filtering what actually gets stored. Here's a link to such a thing: http://blog.teksol.info/2007/6/13/how-to-set-logger-options-in-rails -Dale

Topic		Replies	Views
Connect to Production Database - Explicit password on database.yml? rubyonrails-talk	3	142	June 1, 2015
Production vs Development rubyonrails-talk	8	205	January 25, 2014
database.yml, postgresql and pgpass.conf conflicts rubyonrails-talk	0	334	October 18, 2006
Out with database.yml rubyonrails-core	50	877	June 13, 2008
Rails Recipe 31 - Authenticatin Users Logs Reveals Passwords rubyonrails-talk	6	115	January 6, 2007

database adaptor password in production.log

Related topics

More Resources