[Buildbot-commits] [Buildbot] #1942: Store passwords in hashed form

Buildbot nobody at buildbot.net
Thu May 5 01:39:52 UTC 2011


#1942: Store passwords in hashed form
------------------------+------------------------
Reporter:  dabrahams    |       Owner:
    Type:  enhancement  |      Status:  new
Priority:  major        |   Milestone:  undecided
 Version:  0.8.3p1      |  Resolution:
Keywords:  auth         |
------------------------+------------------------

Comment (by dabrahams):

 Replying to [comment:1 tom.prince]:
 > I think the canonical solution to this is to load the passwords from a
 file.

 Yes it is.  And a variety of factors make this much more painful than it
 should be.  You can see some evidence for this in my bbot framework.

 > To have the hashes be secure, you would also have to make sure that the
 hashed passwords were properly salted.

 I confess that I'm not a security expert... but that wouldn't be so bad,
 would it?

 > A more sensible option might be to expose twisted.cred, which has
 support for unix password files, among other things.

 I assumed that twisted probably had some facilities for this kind of
 thing, but I'm also not a twisted expert ;-)

-- 
Ticket URL: <http://trac.buildbot.net/ticket/1942#comment:2>
Buildbot <http://buildbot.net/>
Buildbot: build/test automation


More information about the Commits mailing list