On Apr 9, 2009, at 9:55 AM, Michael DeHaan <mdehaan(a)redhat.com> wrote:
James Cammarata wrote:
>> One weird thing django does, is generate a "secret key" (from
>>
> settings.py):
>
>> # Make this unique, and don't share it with anybody.
>> SECRET_KEY =
'w&x*74x-b=ycigsdya03699o!9kt4(z4wyx-us9q=--&7clv4='
>>
>> I have no idea what this is used for currently, if someone else
>> knows
>> django better and can shed light on how we should handle this it
>> would be
>> appreciated.
>>
>
> A quick google answered my question:
>
> SECRET_KEY
>
> Default: '' (Empty string)
>
> A secret key for this particular Django installation. Used to
> provide a
> seed in secret-key hashing algorithms. Set this to a random string
> -- the
> longer, the better. django-admin.py startproject creates one
> automatically.
>
>
> So we should probably leave it blank, and make cobbler check warn
> about it
> being blank in the future.
>
>
Interesting.
If we don't need the admin interface at all, is there a way to
disable it?
It is disabled by default, so there isn't anything we'd need to do. If
only the admin interface uses that key, we can leave it blank and not
care.
Or is that how we'd have to configure auth sources and such?
I'd be ok with the cobbler install generating the key /if/ there was
a sane way to do it programatically.
--Michael
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.