Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

config: add "salt" section for multiple salt values #3051

Open
robocoder opened this issue Mar 16, 2012 · 1 comment
Open

config: add "salt" section for multiple salt values #3051

robocoder opened this issue Mar 16, 2012 · 1 comment
Labels
c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. Task Indicates an issue is neither a feature nor a bug and it's purely a "technical" change.
Milestone
Backlog (Help wan...

Comments

@robocoder
Copy link
Contributor

WordPress has multiple salts. Each salt is used for different scopes/situations.

Per #308

  • superuser->salt will be used exclusively for the superuser's password hash
  • the password table would have a new salt column, i.e., salt per user

A new [salt] section would initially contain salts for these scopes:

  • cookie
  • nonce
  • cache-buster
  • archive-lock

Modify: Piwik_Common::getSalt(string $scope)
@mattab
Copy link
Member

mattab commented Sep 8, 2012

Security now has its own sub-category since they're "special" items!

@robocoder robocoder added this to the Future releases milestone Jul 8, 2014
@mattab mattab removed the P: normal label Aug 3, 2014
@mattab mattab modified the milestones: Long term, Mid term Dec 23, 2015
@mattab mattab modified the milestones: Long term, Mid term Dec 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. Task Indicates an issue is neither a feature nor a bug and it's purely a "technical" change.
Projects
None yet
Milestone
Backlog (Help wanted)
Development

No branches or pull requests
2 participants
@mattab @robocoder