nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

mediawiki: Mark secret strings in privileged actions

Browse Source 
Tests:

- Run affected privileged actions through UI and notice that secret strings are
not logged.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2024-08-04 11:03:55 -07:00 committed by James Valleroy
parent 39d0c03700
commit 5c0b15d8f8
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plinth/modules/mediawiki/privileged.py
View File

@ -7,7 +7,7 @@ import shutil
import subprocess
import tempfile
from plinth.actions import privileged
from plinth.actions import privileged, secret_str
from plinth.utils import generate_password
MAINTENANCE_SCRIPTS_DIR = "/usr/share/mediawiki/maintenance"
@ -95,7 +95,7 @@ def _include_custom_config():
@privileged
def change_password(username: str, password: str):
def change_password(username: str, password: secret_str):
"""Change the password for a given user."""
change_password_script = os.path.join(MAINTENANCE_SCRIPTS_DIR,
'changePassword.php')