Are DNS urls or paths to filesystems needed to be kept out of source control repositories for security?
up vote
0
down vote
favorite
Apart from the most obvious ones like usernames and passwords, what are the other things that need to be kept from being stored in properties files in a source control repository?
Specifically, I'm thinking about things like DNS names used by private services (an RDS endpoint in AWS for example) or paths to local files in a filesystem. My instinct tells me they also need to be kept safe as, even if with a DNS url or a path to a file you still need to authenticate to gain access to a service, an attacker can start a DDoS attack or find out somehow the username and password required to access your specific service or file.
security version-control aws-parameter-store
asked Nov 8 at 17:20
Juan Vega
319313
add a comment |
up vote
0
down vote
favorite
Apart from the most obvious ones like usernames and passwords, what are the other things that need to be kept from being stored in properties files in a source control repository?
Specifically, I'm thinking about things like DNS names used by private services (an RDS endpoint in AWS for example) or paths to local files in a filesystem. My instinct tells me they also need to be kept safe as, even if with a DNS url or a path to a file you still need to authenticate to gain access to a service, an attacker can start a DDoS attack or find out somehow the username and password required to access your specific service or file.
security version-control aws-parameter-store
asked Nov 8 at 17:20
Juan Vega
319313
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Apart from the most obvious ones like usernames and passwords, what are the other things that need to be kept from being stored in properties files in a source control repository?
Specifically, I'm thinking about things like DNS names used by private services (an RDS endpoint in AWS for example) or paths to local files in a filesystem. My instinct tells me they also need to be kept safe as, even if with a DNS url or a path to a file you still need to authenticate to gain access to a service, an attacker can start a DDoS attack or find out somehow the username and password required to access your specific service or file.
security version-control aws-parameter-store
asked Nov 8 at 17:20
Juan Vega
319313
Apart from the most obvious ones like usernames and passwords, what are the other things that need to be kept from being stored in properties files in a source control repository?
Specifically, I'm thinking about things like DNS names used by private services (an RDS endpoint in AWS for example) or paths to local files in a filesystem. My instinct tells me they also need to be kept safe as, even if with a DNS url or a path to a file you still need to authenticate to gain access to a service, an attacker can start a DDoS attack or find out somehow the username and password required to access your specific service or file.
security version-control aws-parameter-store
security version-control aws-parameter-store
asked Nov 8 at 17:20
Juan Vega
319313
asked Nov 8 at 17:20
Juan Vega
319313
edited Nov 9 at 10:31
asked Nov 8 at 17:20
Juan Vega
319313
asked Nov 8 at 17:20
Juan Vega
319313
asked Nov 8 at 17:20
Juan Vega
319313
319313
add a comment |
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53213021%2fare-dns-urls-or-paths-to-filesystems-needed-to-be-kept-out-of-source-control-rep%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
