diff options
| author | lpsolit%gmail.com <> | 2006-01-03 23:44:53 +0100 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2006-01-03 23:44:53 +0100 |
| commit | e16ca48833e9dd774a61eaab7ca32c44ce6a4276 (patch) | |
| tree | fc19ca29fde4d73f039a38fd9c5f69373e5a5d63 /checksetup.pl | |
| parent | 093f6970ea0e8356b5f8a51ec916926fcb68b41f (diff) | |
| download | bugzilla-e16ca48833e9dd774a61eaab7ca32c44ce6a4276.tar.gz bugzilla-e16ca48833e9dd774a61eaab7ca32c44ce6a4276.tar.xz | |
Bug 119524: SECURITY: predictable sessionid (Use a token instead of logincookie) - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=mkanat a=justdave
Diffstat (limited to 'checksetup.pl')
| -rwxr-xr-x | checksetup.pl | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/checksetup.pl b/checksetup.pl index 7522d994c..e8528aee1 100755 --- a/checksetup.pl +++ b/checksetup.pl @@ -4233,6 +4233,12 @@ $dbh->bz_add_column('namedqueries', 'query_type', $dbh->bz_alter_column('groups', 'userregexp', {TYPE => 'TINYTEXT', NOTNULL => 1, DEFAULT => "''"}); +# 2005-09-26 - olav@bkor.dhs.org - Bug 119524 +# Convert logincookies into a varchar +# this allows to store a random token instead of a guessable auto_increment +$dbh->bz_alter_column('logincookies', 'cookie', + {TYPE => 'varchar(16)', PRIMARYKEY => 1, NOTNULL => 1}); + # If you had to change the --TABLE-- definition in any way, then add your # differential change code *** A B O V E *** this comment. |