I would think this is a bug that should be reported on trac. On Dec 20, 7:26 am, Adam Voss <vossa...@luther.edu> wrote: > I noticed in run_notebook.py that when the notebook is run with > reset=True, there is a check against min_password_length from > sagenb.misc.misc to make sure the password is long enough. If it is > shorter than the minimum, sage prints "That password is way too short. > Enter a password with at least 6 characters." > > However, min_password_length is 1. Thus, the check is only preventing > non-blank passwords. Is this the desired behavior? > > It seems inconsistent to me to prompt for a 6 character password when > we will accept any non-blank password. A 6-character password on an > administrative account does not seem unreasonable to me. IMHO for a > piece of software that effectively give shell access to a server, > applying a min_password_length of 6 (which really isn't that secure) > would be reasonable. Though if nothing is enforcing the length, it > doesn't seem right to me to tell users to enter one of at least a > certain length. > > I poked around the users.py and notebook.py and did some grep'ing and > didn't find anywhere else min_password_length is used. Changing > min_password_length to 6 would seem to only force the admin password > to be 6 characters, without affecting other users and passwords > already set. I haven't thoroughly looked into it yet, but to affect > all users would probably be quite a bit more complicated. The output > message for other users is probably desired in the webbrowser, rather > than the shell, and currently the webbrowser doesn't even give a > message when setting a blank password (silently fails) so I'm guessing > they is not a easy way to do this already in-place. > > Any thoughts?
-- To post to this group, send an email to sage-devel@googlegroups.com To unsubscribe from this group, send an email to sage-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-devel URL: http://www.sagemath.org
