2

I understand that in Grails by default configuration vars are stored in Config.groovy and once deployed the properties are contained within the war. Obviously this would cause issues if you needed to change them without redeploying the app. However, I just read the following in the Grails AWS Plugin docs:

"As recommended by Amazon, you can use a .properties file to handle your secret and access keys for this plugin."

...

"Sometimes, you still don't have access to filesystem, but don't want to store your credentials wide open in your configuration file"

(http://blanq.github.com/grails-aws/1.2.12.1/index.html)

Is there some kind of security advantage to storing the creds outside of Config.groovy? Perhaps I'm missing something :/

RyanLynch

3 Answers

4

There are several specific reasons you don't want to include security information directly within the WAR.

  1. You might be working with outside developers or developers who shouldn't have direct access to certain secure information.
  2. You might be working with sensitive data that only a select few should see, possibly not even yourself.
  3. You might not know the credentials ahead of time. This is often the case in an environment where someone else provisions resources.
  4. You might want to build a single WAR, and dynamically switch the credentials without recompiling the entire application, and then re-uploading the content.

So, it provides some level of security, but also a lot of convenience in other situations.

OverZealous
1

Sometimes you need to hide some creds even from developers. It can be PayPal keys and an outsourced team (you've never met with), for example. So you can store this configuration somewhere on the server (/etc/myapp/config.properties), without giving access to it to other developers.

The second part, about 'don't have access to filesystem', means that you can specify these parameters at startup, on the command line, without storing them anywhere. So even somebody having access to the server still can't see the credentials, at least not in a plain file.

Igor Artamonov
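A concrete way to wire up both approaches from this answer in Grails 2.x, as an added example rather than anything from the question, the answers, or the plugin's own code: Config.groovy merges secrets in from a file outside the WAR, or from JVM system properties given at startup, so Config.groovy itself holds no credentials. The file path, the `myapp.config` property name and the `grails.plugin.aws.credentials.*` key names are assumptions; check the plugin documentation for the exact keys it reads.

```groovy
// Config.groovy (Grails 2.x). Added example, not from the plugin or the answers above.
// Nothing secret is written here; values arrive from outside the deployed WAR.

// 1. External file on the server (assumed path). Keep it readable only by the
//    account the servlet container runs as, e.g.:
//      chown tomcat:tomcat /etc/myapp/config.properties
//      chmod 600 /etc/myapp/config.properties
//    Its contents would look like (placeholder values, not real keys):
//      grails.plugin.aws.credentials.accessKey=ACCESS-KEY-PLACEHOLDER
//      grails.plugin.aws.credentials.secretKey=SECRET-KEY-PLACEHOLDER
grails.config.locations = ["file:/etc/myapp/config.properties"]

// 2. Optional override, e.g. -Dmyapp.config=/srv/myapp/prod.properties, so one
//    WAR can be pointed at different credentials per environment without a rebuild.
if (System.getProperty("myapp.config")) {
    grails.config.locations << "file:" + System.getProperty("myapp.config")
}

// 3. Command-line only (the "no filesystem access" case): read JVM system
//    properties or environment variables set at startup, for example
//      JAVA_OPTS="-Daws.accessKey=... -Daws.secretKey=..."
//    Nothing is written to disk except wherever JAVA_OPTS itself is defined,
//    so protect that file (or the CI/ops variable store) like the properties file.
def cliAccessKey = System.getProperty("aws.accessKey") ?: System.getenv("AWS_ACCESS_KEY")
def cliSecretKey = System.getProperty("aws.secretKey") ?: System.getenv("AWS_SECRET_KEY")
if (cliAccessKey && cliSecretKey) {
    // Assumed plugin keys; verify against the plugin docs.
    grails.plugin.aws.credentials.accessKey = cliAccessKey
    grails.plugin.aws.credentials.secretKey = cliSecretKey
}

// ---- BootStrap.groovy ----
// External locations are merged after Config.groovy is evaluated, so check for
// the credentials here, where the merged config is visible, and fail fast in
// production instead of running with empty keys.
class BootStrap {
    def grailsApplication

    def init = { servletContext ->
        def creds = grailsApplication.config.grails.plugin.aws.credentials
        if (grails.util.Environment.current == grails.util.Environment.PRODUCTION
                && !(creds.accessKey && creds.secretKey)) {
            throw new IllegalStateException(
                "AWS credentials missing: supply them via /etc/myapp/config.properties, " +
                "-Dmyapp.config, or -Daws.accessKey/-Daws.secretKey")
        }
    }
}
```

The process listing still shows `-D` values to anyone who can run `ps` as a privileged user, so the command-line route hides credentials from the filesystem, not from an administrator on the box.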
0

We use an external property file to define data-source details such as the production database username, password, etc.

The benefit is that you don't have to check out code and install Grails on the production server. You can just create one common war file, upload it and deploy it to the production server.

Ben W