Project

General

Profile

Bug #4167

Password length verification doesn't work

Added by Stephen Benjamin about 5 years ago. Updated 9 months ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

In app/models/host/managed.rb:

validates :root_pass, :length => {:minimum => 8, :message => _('should be 8 characters or more')}

The length verification doesn't actually work. In host_common.rb, root_pass assignment is overridden so by the time it validates root_pass, it's already a hash (and over 8 chars).


Related issues

Related to Foreman - Feature #3725: Make default root password more explicit and configurable at install timeClosed2013-11-22

Associated revisions

Revision c4bfd47f (diff)
Added by Stephen Benjamin about 5 years ago

fixes #3725, #4167 - root password validations, remove default password

Revision 85df2532 (diff)
Added by Alissa Bonas about 5 years ago

refs #4167 - Added inline info regarding root password length policy

History

#1 Updated by Stephen Benjamin about 5 years ago

  • Related to Feature #3725: Make default root password more explicit and configurable at install time added

#2 Updated by Dominic Cleal about 5 years ago

  • Category set to Security
  • Status changed from New to Ready For Testing
  • Assignee set to Stephen Benjamin
  • Target version set to 1.9.2
  • Legacy Backlogs Release (now unused) set to 4

#3 Updated by Anonymous about 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF