https://github.com/ging/horizon
Revision 45b0188b48df1a03962be97387df1dd7a6662086 authored by Nicolas Simonds on 24 September 2013, 18:26:59 UTC, committed by Nicolas Simonds on 24 September 2013, 20:24:01 UTC
Currently the settings.py generates a secret_key, then loads user ovverides. The former step requires write access in a directory that the webserver has no real business trying to write to, which is a security risk, amongst other things. As a simple mitigation step, defer loading the default until after the local_settings.py has been loaded. Then the admins can decide if/how the secret_key is stored (or not stored, as the case may be) and in absentia of that, it uses the current behaviour of scribbling files in odd places. Fixes Bug: 1220884 Change-Id: I158702f9500563a4d16f6aefc1a3afea766b1e92
1 parent e063659
Tip revision: 45b0188b48df1a03962be97387df1dd7a6662086 authored by Nicolas Simonds on 24 September 2013, 18:26:59 UTC
Don't generate the secret_key until after loading local settings
Don't generate the secret_key until after loading local settings
Tip revision: 45b0188
| File | Mode | Size |
|---|---|---|
| .tx | ||
| doc | ||
| horizon | ||
| openstack_dashboard | ||
| tools | ||
| .gitignore | -rw-r--r-- | 377 bytes |
| .gitreview | -rw-r--r-- | 76 bytes |
| .mailmap | -rw-r--r-- | 519 bytes |
| .pylintrc | -rw-r--r-- | 1.4 KB |
| HACKING.rst | -rw-r--r-- | 411 bytes |
| LICENSE | -rw-r--r-- | 9.9 KB |
| MANIFEST.in | -rw-r--r-- | 654 bytes |
| Makefile | -rw-r--r-- | 588 bytes |
| README.rst | -rw-r--r-- | 3.1 KB |
| manage.py | -rwxr-xr-x | 292 bytes |
| openstack-common.conf | -rw-r--r-- | 194 bytes |
| requirements.txt | -rw-r--r-- | 505 bytes |
| run_tests.sh | -rwxr-xr-x | 12.7 KB |
| setup.cfg | -rw-r--r-- | 1.0 KB |
| setup.py | -rwxr-xr-x | 794 bytes |
| test-requirements.txt | -rw-r--r-- | 289 bytes |
| tox.ini | -rw-r--r-- | 1.1 KB |
Computing file changes ...
