Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PTAH_TOKEN may not be the expected length #204

Open
wolcen opened this issue Sep 26, 2024 · 1 comment
Open

PTAH_TOKEN may not be the expected length #204

wolcen opened this issue Sep 26, 2024 · 1 comment
Labels
good first issue Good for newcomers security

Comments

@wolcen
Copy link

wolcen commented Sep 26, 2024

The install-server.sh specifies:

# Generate a random string of 42 characters
random_token=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 42)

I'm not sure how important it is for this value to be at least /exactly 42 characters, but I wanted to note that it is very easy for this command to result in a string shorter than 42 characters.

If the length of this token is important, upping the length of the string openssl returns (by more than just a few characters) would obviously suffice.
@bohdan-shulha
Copy link
Contributor

Hi @wolcen , thanks a lot for the feedback.

"42" is not essential for this use case, just a reasonable default. Could be more, could be less. Lenghtier is, definitely, better.

I'll improve it in the next releases.

@bohdan-shulha bohdan-shulha added good first issue Good for newcomers security and removed triage labels Sep 26, 2024
@bohdan-shulha bohdan-shulha added this to the October milestone Sep 26, 2024
@bohdan-shulha bohdan-shulha removed this from the October milestone Nov 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bohdan-shulha @wolcen