Re: [Postfixadmin-devel] config.local.php not being read.
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
Re: [Postfixadmin-devel] config.local.php not being read.
|
From: Christian B. <pos...@cb...> - 2009-04-16 00:03:21
|
Hello,
Am Dienstag, 14. April 2009 schrieb David Goodwin:
> > OK. Change to use md5/sha1/whatever (perhaps embed sha1: at the
> > start of the string??)
>
> Having a reasonable salt might be a good idea too - even if it is
> just something stupid like 'postfixadmin'
Indeed, using a salt is always a good idea. However, I don't like the
static value.
I just commited a modified version of setup.php (r629) which uses hashed
and salted passwords (sorry, no pepper ;-)
The salt is a md5-hash computed from the remote IP, the time and a
random value. This might not be cyrptically perfect, but I doubt there
will be two postfixadmin installations using the same salt ;-)
(Of course, when checking against the password in config.inc.php, the
salt is read from $CONF.)
The salt and the password are then hashed with sha1.
If someone enters a wrong setup password, he will get the hash of
his/her password displayed copy&paste ready for inclusion in
config.inc.php.
Please proofread my code - this is highly security relevant, therefore
another pair of eyes are a good idea. Also test setup.php with valid
and invalid setup passwords.
Note: I'll remove the check for $CONF['setup_password'] from common.php
again because:
- it's no longer really needed - no hashed password will result in
something simple like "changeme" or an empty string
- checking the setup_password in setup.php (the only place where it is
used) is enough
- blocking the whole postfixadmin just because the setup password has
not been set (= current behaviour) will cause lots of needless
problems if someone upgrades from a previous version.
- The admin _will_ setup a password for sure as soon as he needs to
create a super-admin via setup.php ;-)
- (if I missed an argument why to keep the check in common.php, please
speak up!)
I also think that we no longer need to use the "developer hack"
$CONF['configured'] = 'I_know_the_risk_of_not_deleting_setup.php'
and should remove the code sections checking for it (index.php,
login.php).
Regards,
Christian Boltz
--
>und was ist "Winter"?
Ein Zeitraum, in dem von der Decke des grossen blauen Raum gelegentlich
groessere oder kleinere Mengen kalten weissen Drecks fallen, der aus
kristallinem Dihydrogenmonoxid besteht. [Alexander Schreiber]
|
