From e3a07ed85232a565e2dedecb147e5aa41a0cab76 Mon Sep 17 00:00:00 2001
From: dbs
Date: Fri, 21 Jan 2011 15:51:45 +0000
Subject: [PATCH] Part 3 of a more secure default set up

With this commit, the hardcoded default barcode is replaced by an MD5 hash of a random string of numbers, preventing the barcode from being used as a known login name in the OPAC interface (which would remove one of the factors required in a brute forcing of the account credentials). You probably don't want to change the barcode for the admin user, but if you feel the need you can use the usual patron editor in the staff client. Thanks to Thomas Berezansky for suggesting this additional change.

git-svn-id: svn://svn.open-ils.org/ILS/branches/rel_2_0@19246 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/src/sql/Pg/950.data.seed-values.sql | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
index 882e3e005d..59728a976f 100644
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -2155,8 +2155,8 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SE
 INSERT INTO actor.usr ( profile, card, usrname, passwd, first_given_name, family_name, dob, master_account, super_user, ident_type, ident_value, home_ou ) VALUES ( 1, 1, md5(random()::text), md5(random()::text), 'Administrator', 'System Account', '1979-01-22', TRUE, TRUE, 1, 'identification', 1 );
 -- Admin user barcode
-INSERT INTO actor.card (usr, barcode) VALUES (1,'101010101010101');
-UPDATE actor.usr SET card = (SELECT id FROM actor.card WHERE barcode = '101010101010101') WHERE id = 1;
+INSERT INTO actor.card (usr, barcode) VALUES (1,md5(random()::text));
+UPDATE actor.usr SET card = (SELECT currval('actor.card_id_seq')) WHERE id = 1;
 -- Admin user permissions
 INSERT INTO permission.usr_perm_map (usr,perm,depth) VALUES (1,-1,0);
-- 
2.11.0
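Review bot: The added `INSERT INTO actor.card` line derives the barcode from `md5(random()::text)`, but PostgreSQL documents `random()` as a deterministic generator that is not suitable for cryptographic use, and hashing its output with MD5 adds no entropy. The `usrname` and `passwd` on the context line above are drawn from the same generator in the same session, so the three values are not independent, and a barcode that gets printed or displayed should not be assumed to protect the other two. If pgcrypto is available when the seed data is loaded, `encode(gen_random_bytes(16), 'hex')` would be a stronger source for all three values. Separately, `currval('actor.card_id_seq')` relies on nothing else advancing that sequence in the session between the two statements; `(SELECT id FROM actor.card WHERE usr = 1)` states the intent directly.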