Database

This section describes how to secure information described in Posit Workbench’s internal database.

Set permissions for SQLite

If you are using SQLite, set the permissions such that users cannot access the database. For example, run the command: chmod 600 /var/lib/rstudio-server/rstudio.sqlite or wherever the SQLite database is stored.

Set permissions of the configuration file

The database configuration may contain sensitive data. Set the permissions such that users cannot access the database configuration file. For example, run the command: chmod 600 /etc/rstudio/database.conf

Encrypt database password

When using PostgreSQL as a database provider, ensure that you’re using an encrypted database password as described in PostgreSQL password encryption.

/etc/rstudio/database.conf

# Generated by rstudio-server encrypt-password
password=ThX7skaB8VhMRk7jQr1J3lS0fk+GLmXDp3JIVcHwPiK1CMixSIEsNTt3cNBYj9Rx