From 0bfbeab53d44edd6b191ce4537b4061596f237ad Mon Sep 17 00:00:00 2001 From: dbs Date: Fri, 21 Jan 2011 03:13:14 +0000 Subject: [PATCH] Part 3 of a more secure default set up With this commit, the hardcoded default barcode is replaced by an MD5 hash of a random string of numbers, preventing the barcode from being used as a known login name in the OPAC interface (which would remove one of the factors required in a brute forcing of the account credentials). You probably don't want to change the barcode for the admin user, but if you feel the need you can use the usual patron editor in the staff client. Thanks to Thomas Berezansky for suggesting this additional change. git-svn-id: svn://svn.open-ils.org/ILS/trunk@19243 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- Open-ILS/src/sql/Pg/950.data.seed-values.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql index e99a54b5c1..3b0618ad27 100644 --- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql +++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql @@ -1600,8 +1600,8 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SE INSERT INTO actor.usr ( profile, card, usrname, passwd, first_given_name, family_name, dob, master_account, super_user, ident_type, ident_value, home_ou ) VALUES ( 1, 1, md5(random()::text), md5(random()::text), 'Administrator', 'System Account', '1979-01-22', TRUE, TRUE, 1, 'identification', 1 ); -- Admin user barcode -INSERT INTO actor.card (usr, barcode) VALUES (1,'101010101010101'); -UPDATE actor.usr SET card = (SELECT id FROM actor.card WHERE barcode = '101010101010101') WHERE id = 1; +INSERT INTO actor.card (usr, barcode) VALUES (1,md5(random()::text)); +UPDATE actor.usr SET card = (SELECT currval('actor.card_id_seq')) WHERE id = 1; -- Admin user permissions INSERT INTO permission.usr_perm_map (usr,perm,depth) VALUES (1,-1,0); -- 2.43.2