Rails Master Key
Description
General
- Documentation: https://guides.rubyonrails.org/security.html#custom-credentials
- Summary: Ruby on Rails is a web framework written in Ruby. By default, Rails encrypt secrets before storing them in a
credentials.yml.encfile. This file contains at least thesecret_key_baseof the application that is used to encrypt cookies as well as any other secret useful to the application such as API keys. To encrypt thecredentials.yml.encfile, Rails uses a key stored in amaster.keyfile. This detector focuses on catching this master key.
Revoke the secret��
If it does not exist yet, the master.key file is created when the credentials file is edited with the command bin/rails credentials:edit. This is a good way to generate a new master key.
Details for Rails Master Key Assignment
-
Family: cryptographic_key
-
Category: private_key
-
High recall: False
-
Validity check available: False
-
Analyzer available: False
-
Revoker available: False
-
Occurrences found for one million commits: very rare
-
Prefixed: False
Details for Rails Master Key
-
Family: cryptographic_key
-
Category: private_key
-
High recall: False
-
Validity check available: False
-
Analyzer available: False
-
Revoker available: False
-
Occurrences found for one million commits: 3.68
-
Prefixed: False
