summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormkanat%bugzilla.org <>2009-02-03 10:58:46 +0100
committermkanat%bugzilla.org <>2009-02-03 10:58:46 +0100
commitd2ae5f0c4657eacfb528430daef8981abdb9d3b5 (patch)
tree62b6edf60a9175ed3065f76dccaed5b6936bf1d3
parent9151cc1c1477d037753c8730d97d967ceaaeafa9 (diff)
downloadbugzilla-d2ae5f0c4657eacfb528430daef8981abdb9d3b5.tar.gz
bugzilla-d2ae5f0c4657eacfb528430daef8981abdb9d3b5.tar.xz
Bug 476594: [SECURITY] Calling srand() at startup time in mod_perl makes the same token be generated over and over
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=justdave, a=mkanat
-rw-r--r--Bugzilla/Install/Localconfig.pm2
1 files changed, 1 insertions, 1 deletions
diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm
index e22a47afa..5cd7755e8 100644
--- a/Bugzilla/Install/Localconfig.pm
+++ b/Bugzilla/Install/Localconfig.pm
@@ -188,7 +188,7 @@ EOT
},
{
name => 'site_wide_secret',
- default => generate_random_password(256),
+ default => sub { generate_random_password(256) },
desc => <<EOT
# This secret key is used by your installation for the creation and
# validation of encrypted tokens to prevent unsolicited changes,