Security question about constants, svn and encryption
Hi, We recently had a little discussion: https://docs.mendix.com/howto/general/dev-best-practices/#25-passwords-and-other-secrets Always store secret information in a safe place. A safe place is the database. Use the Encryption module to encrypt and store and to retrieve and decrypt the information. Using either the default value of a constant or the project’s configuration setting is unsafe. Both these places are readable by others and visible in the version management copies made by SVN. Of course, this is good advice; however, most people/modules use constants to define secrets (like an API-token or username/password for authorization requests to save on having to do a database retrieve for a settings object with each request. The problem lies here: if we have a secret stored in a constant and we define its contents in the Settings with your local profile, the plaintext version of this constant is stored in the svn repository (as stated above). The suggestion to encrypt the value by using the Encryption module also feels a bit meh :-) The Encryption module uses a constant to define its algorithm (and even has a default value) and your precious encryption key: So if I define my encryption key in my profile settings (which is stored in plain text in the svn), why is this more secure if I encrypt my other secrets with this module vs having it also in plain text in the svn (as you should be able to decrypt my secrets anyway with the information of the plain text encryption key). Is it so harmful to store plaintext profile settings into the svn repository?