We should probably update the documentation for $wgSecretKey; however, I'm
not sure of the best way to write it.
https://www.mediawiki.org/wiki/Manual:%24wgSecretKey
Right now $wgSecretKey is 99% worthless. We aren't using it directly
anymore. We now generate all tokens with proper cryptographic random
sources. So we don't base security off keeping a string secret anymore.
((That 1% is from the fact that if you have no access to urandom, or are on
old PHP with no mcrypt random and no openssl random, we do use $wgSecretKey as
a very small source of entropy, but it's of barely any value; most of our
entropy comes from clock drift in that case.))
At the same time it's worth noting the warning about user_token. It does
not apply to any new user_token, but old user_tokens (for users who have not
updated their passwords, which would have reset their user_token, on wikis
that have not done a full reset) will still be somewhat vulnerable to
$wgSecretKey leaks.
--
~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name]
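An added illustration of the distinction the post draws, written for this
page and not taken from MediaWiki's code base: a token that is derived
deterministically from a site secret can be recomputed by anyone holding that
secret, whereas a token drawn from a CSPRNG is independent of the secret, so
a secret leak cannot affect it. The derivation scheme
(`HMAC-SHA256(secret_key, user_id)`), the sample secret and the user rows are
all constructed for the example; they are not MediaWiki's actual legacy
user_token construction or real values. The `rotate_stale_tokens` helper shows
the defensive step the post alludes to: finding tokens that still depend on
the secret and replacing them with random ones.

```python
import hashlib
import hmac
import secrets

# Constructed sample secret for the example (not a real $wgSecretKey value).
EXAMPLE_SECRET_KEY = "constructed-example-secret-key-0123456789"


def legacy_user_token(secret_key: str, user_id: int) -> str:
    """Hypothetical legacy-style token: derived deterministically from the
    site secret, so anyone holding secret_key can recompute it for any user.
    Scheme is assumed for illustration: HMAC-SHA256 truncated to 32 hex chars."""
    mac = hmac.new(secret_key.encode(), str(user_id).encode(), hashlib.sha256)
    return mac.hexdigest()[:32]


def fresh_user_token() -> str:
    """Token drawn from the OS CSPRNG. Creating it needs no secret, and no
    secret (leaked or otherwise) lets anyone reconstruct it."""
    return secrets.token_hex(16)  # 128 bits, 32 hex characters


def token_is_derivable_from_secret(token: str, secret_key: str, user_id: int) -> bool:
    """Audit check: does this stored token equal what the legacy derivation
    would give for this user? If yes, a leak of secret_key compromises it."""
    return hmac.compare_digest(token, legacy_user_token(secret_key, user_id))


def rotate_stale_tokens(user_rows: list, secret_key: str) -> list:
    """Walk a list of {'user_id': int, 'user_token': str} rows and replace every
    token still derived from the site secret with a random one.
    Mutates the rows in place; returns the ids whose tokens were rotated."""
    rotated = []
    for row in user_rows:
        if token_is_derivable_from_secret(row["user_token"], secret_key, row["user_id"]):
            row["user_token"] = fresh_user_token()
            rotated.append(row["user_id"])
    return rotated


def build_sample_rows(secret_key: str) -> list:
    """Constructed sample data: users 1 and 3 still carry legacy-derived
    tokens, user 2 has already been reissued a random token."""
    return [
        {"user_id": 1, "user_token": legacy_user_token(secret_key, 1)},
        {"user_id": 2, "user_token": fresh_user_token()},
        {"user_id": 3, "user_token": legacy_user_token(secret_key, 3)},
    ]


if __name__ == "__main__":
    rows = build_sample_rows(EXAMPLE_SECRET_KEY)
    print("rotated user ids:", rotate_stale_tokens(rows, EXAMPLE_SECRET_KEY))
    for row in rows:
        print(row["user_id"], row["user_token"],
              "derivable" if token_is_derivable_from_secret(
                  row["user_token"], EXAMPLE_SECRET_KEY, row["user_id"]) else "independent")
```

After rotation, every token reports "independent": the site secret no longer
has any bearing on it, which is exactly why the secret is now worth so little
for new tokens and why a full reset closes the remaining gap for old ones.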
_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l