Project

General

Profile

Bug #7657

Remove default OAuth credentials

Added by Dominic Cleal almost 5 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

oauth_consumer_key and oauth_consumer_secret have default values in the codebase, which should be removed to require users to supply their own values.

Note that this only affects a source or basic package install, and OAuth is disabled anyway. The default installer run will randomise these passwords before enabling it.

Associated revisions

Revision bceb2f66 (diff)
Added by Shlomi Zadok over 4 years ago

fixes #7657 - remove default OAuth credentials

History

#1 Updated by The Foreman Bot over 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/1875 added
  • Pull request deleted ()

#2 Updated by Shlomi Zadok over 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#3 Updated by Dominic Cleal over 4 years ago

  • Assignee set to Shlomi Zadok
  • Target version set to 1.7.2

Also available in: Atom PDF