Gcontact Git
Brought to you by:
paul-gregory
Menu
▾
▴
Tree [0376ad] master / private / History
| File | Date | Author | Commit |
|---|---|---|---|
| README | 2010-07-19 |
|
[997a19] add some comment and documentation |
| users.json | 2010-07-19 |
|
[aeb9a4] introduce a fixed salt to avoid rainbow table a... |
Read Me
That folder contains the 'users.json' file wich contains users and according SHA1 hashed passwords. That folder and it file MUST be keep private. That file should NOT be exposed outside (no HTTP access). HTTP user should have read and write permission on users.json file like that : -rw-rw---- 1 username www-data 3 2010-07-19 22:48 users.json Please note that SHA1 password are encoded with a fixed salt, found in web/php-common/users.inc.php. Before any user creation, you should change that fixed salt to improve security.