Opened 4 years ago

Closed 4 years ago

#31757 closed New feature (fixed)

Adjust default SECRET_KEY to use `dj::insecure` prefix and add matching deployment system check.

Reported by: Carlton Gibson Owned by: kosc
Component: Core (System checks) Version: dev
Severity: Normal Keywords:
Cc: René Fleschenberg, Shai Berger Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Recent thread on the mailing list about making the default settings more 12 factor friendly. (Related to similar discussions in say #20081.)

Conclusion there was that environment variables are only one way to go. (...)

In the discussion it came up that we could prefix the generated SECRET_KEY with say, dj::insecure and then add a deployment system check to ensure that wasn't used in production. (Paraphrasing various points: might not be 100% robust but would capture most cases.)

So:

  • Prefix secret key in project template.
  • Add system check to ensure secret key does not have prefix.

Change History (10)

comment:1 by Mariusz Felisiak, 4 years ago

Triage Stage: UnreviewedAccepted
Version: 3.0master

comment:2 by René Fleschenberg, 4 years ago

Shai Berger suggested an alternative approach: Marking the string as insecure by making it an instance of a custom str subclass (https://groups.google.com/d/msg/django-developers/CIPgeTetYpk/3a0lkAu-BgAJ). I am not sure which of the two approaches we prefer.

comment:3 by René Fleschenberg, 4 years ago

Cc: René Fleschenberg added

in reply to:  2 ; comment:4 by Mariusz Felisiak, 4 years ago

Cc: Shai Berger added

Replying to René Fleschenberg:

Shai Berger suggested an alternative approach: Marking the string as insecure by making it an instance of a custom str subclass (https://groups.google.com/d/msg/django-developers/CIPgeTetYpk/3a0lkAu-BgAJ). I am not sure which of the two approaches we prefer.

Prefix is fine, IMO.

comment:5 by Mariusz Felisiak, 4 years ago

Has patch: set
Owner: changed from nobody to kosc
Status: newassigned

comment:6 by Carlton Gibson, 4 years ago

Patch needs improvement: set

in reply to:  4 comment:7 by Shai Berger, 4 years ago

Replying to felixxm:

Replying to René Fleschenberg:

Shai Berger suggested an alternative approach: Marking the string as insecure by making it an instance of a custom str subclass

Prefix is fine, IMO.

Missed this earlier... prefix is fine IMO too.

comment:8 by Nick Pope, 4 years ago

Patch needs improvement: unset

comment:9 by Mariusz Felisiak, 4 years ago

Triage Stage: AcceptedReady for checkin

comment:10 by Mariusz Felisiak <felisiak.mariusz@…>, 4 years ago

Resolution: fixed
Status: assignedclosed

In b7f5003:

Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about autogenerated default keys.

Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews.

Note: See TracTickets for help on using tickets.
Back to Top