Open anirudh-eka opened 9 years ago
I don't really know how much we are gaining if we have an app that knows how to encrypt and decrypt this content. Normally you only build an app that knows how to encrypt things, and then it can tell you if two things are the same, but it can't tell you what the thing in the DB is.
I honestly think we should keep this stuff in cleartext for now.
I think that the only security profile you would be guarding against is if someone gained access to your database without gaining access to your application, and I think there are better ways to deal with that security concern to be honest.
What do you think about what I am saying?
> I think that the only security profile you would be guarding against is if someone gained access to your database without gaining access to your application
Yes, you're right. What are the better ways to deal with that concern?
Make it such that there is no way to get to the database other than through the application by shutting off all access to any other port from any other address.
We need to be able to encrypt and decrypt them.
@pturley, do you have any suggestions on how to go about doing this? I was looking at `ActiveSupport::MessageEncryptor`. If I go down this route, it seems like a good idea to store the key and salt somewhere besides the db, like the environment. Am I thinking about this correctly?
Or is there something that is put into a Rails environment that I can derive a key and salt from? I'm thinking about the `SECRET_KEY_BASE`. Is it good practice to use the same string as a salt and to generate the key (when initializing `ActiveSupport::KeyGenerator`)? Thanks!
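The setup the last comment asks about (a key derived from a master secret plus a salt, with the secret read from the environment rather than the database), as an added example that is not part of this project or thread. It uses only Ruby's stdlib `openssl` rather than ActiveSupport so it runs anywhere: `derive_key` does the same PBKDF2-HMAC-SHA1 derivation `ActiveSupport::KeyGenerator` performs (2**16 iterations by default), and the `FieldEncryptor` class seals values with AES-256-GCM and packs them into a `ciphertext--iv--tag` envelope in the spirit of `ActiveSupport::MessageEncryptor` (the class, the envelope layout and the column-name salts are assumptions of this example). Rails itself passes a fixed, per-purpose salt string to `KeyGenerator` that is distinct from `secret_key_base`; the example follows that pattern so that one master secret yields an independent key per encrypted field, and so that a value encrypted for one field cannot be opened with the key of another.

```ruby
require 'openssl'
require 'base64'

# Hypothetical helper for this example (not the project's code): derives a
# per-purpose key from a master secret the way ActiveSupport::KeyGenerator does
# (PBKDF2-HMAC-SHA1, 2**16 iterations by default) and seals/opens strings with
# AES-256-GCM, roughly what ActiveSupport::MessageEncryptor does.
class FieldEncryptor
  KEY_BYTES  = 32       # AES-256
  ITERATIONS = 2**16    # KeyGenerator's default iteration count
  AAD        = 'field-v1'.freeze  # bound to the tag, so a different version cannot open it

  # Derive a key from the master secret and a purpose-specific salt. Use a
  # distinct, fixed salt per field (the column name works well) rather than
  # the secret itself, so keys for different fields are independent.
  def self.derive_key(secret_key_base, salt, iterations: ITERATIONS)
    OpenSSL::PKCS5.pbkdf2_hmac_sha1(secret_key_base, salt, iterations, KEY_BYTES)
  end

  # The secret lives in the environment, never in the database it protects.
  # (Assumed env var name; the thread itself suggests SECRET_KEY_BASE.)
  def self.from_env(salt, env_var: 'SECRET_KEY_BASE')
    new(derive_key(ENV.fetch(env_var), salt))
  end

  def initialize(key)
    raise ArgumentError, "key must be #{KEY_BYTES} bytes" unless key.bytesize == KEY_BYTES
    @key = key
  end

  # Returns "base64(ciphertext)--base64(iv)--base64(tag)". A fresh random
  # 12-byte IV is drawn per call, so equal plaintexts produce different rows.
  def encrypt(plaintext)
    cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
    cipher.key = @key
    iv = cipher.random_iv
    cipher.auth_data = AAD
    ciphertext = cipher.update(plaintext) + cipher.final
    [ciphertext, iv, cipher.auth_tag].map { |p| Base64.strict_encode64(p) }.join('--')
  end

  # Opens an envelope produced by #encrypt. Any change to ciphertext, IV, tag
  # or key makes #final raise OpenSSL::Cipher::CipherError (GCM tag mismatch).
  def decrypt(envelope)
    parts = envelope.split('--')
    raise ArgumentError, 'malformed envelope' unless parts.size == 3
    ciphertext, iv, tag = parts.map { |p| Base64.strict_decode64(p) }
    raise ArgumentError, 'malformed auth tag' unless tag.bytesize == 16
    cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
    cipher.key = @key
    cipher.iv = iv
    cipher.auth_tag = tag
    cipher.auth_data = AAD
    cipher.update(ciphertext) + cipher.final
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed development secret used only when the env var is absent.
  secret = ENV.fetch('SECRET_KEY_BASE') { 'constructed-dev-secret-do-not-use-in-prod' }
  ssn_box   = FieldEncryptor.new(FieldEncryptor.derive_key(secret, 'users.ssn'))
  token_box = FieldEncryptor.new(FieldEncryptor.derive_key(secret, 'users.api_token'))

  stored = ssn_box.encrypt('123-45-6789')   # what would go into the DB column
  puts "stored:   #{stored}"
  puts "restored: #{ssn_box.decrypt(stored)}"
  begin
    token_box.decrypt(stored)               # wrong field's key: rejected
  rescue OpenSSL::Cipher::CipherError
    puts 'api_token key cannot open an ssn value'
  end
end
```

Reading the secret with `ENV.fetch` (no default) in production makes a missing secret a boot failure rather than a silently weak key, and keeping the salts as fixed strings in code is fine: the salt is a domain separator, not a second secret.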