Yedidyah Bar David has posted comments on this change. Change subject: packaging: setup: hardening postgresql password ......................................................................
Patch Set 1: (2 comments) http://gerrit.ovirt.org/#/c/27615/1//COMMIT_MSG Commit Message: Line 6: Line 7: packaging: setup: hardening postgresql password Line 8: Line 9: Use random.SystemRandom instead of random and Line 10: extend password lenght to 22 chars. length. Why specifically 22? Line 11: Line 12: Change-Id: I76769e7eb65df35f982b1ef9e36bc81d1f42b79a http://gerrit.ovirt.org/#/c/27615/1/packaging/setup/ovirt_engine_setup/postgres.py File packaging/setup/ovirt_engine_setup/postgres.py: Line 466: ) Line 467: Line 468: def generatePassword(self): Line 469: rand = random.SystemRandom() Line 470: return ''.join([rand.choice(self._PASSWORD_CHARS) for i in range(22)]) > are special character supported? if so, which ones? _PASSWORD_CHARS is defined above - numbers and lowercase/uppercase letters. I do not think special chars are important in this context - if we add e.g. 10 special chars, and leave length at 22, number of possibilities is 27 times larger. If instead we keep existing 62 chars but make length 23, it's 62 times larger. I guess most services that require special chars do so to prevent people from using dictionary or semi-dictionary words. Line 471: Line 472: def applyEnvironment(self): Line 473: for k in ('user', 'database', 'port', 'secured', 'hostValidation'): Line 474: self.environment[self._dbenvkeys[k]] = self._defaults[k] -- To view, visit http://gerrit.ovirt.org/27615 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I76769e7eb65df35f982b1ef9e36bc81d1f42b79a Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Eli Mesika <[email protected]> Gerrit-Reviewer: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: Yedidyah Bar David <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
