[Sugar-devel] [PATCH] webactivity: seed the XS cookie at startup

Simon Schampijer simon at schampijer.de
Thu Feb 12 05:32:18 EST 2009


Martin Langhoff wrote:
> On Thu, Feb 12, 2009 at 6:47 PM,  <martin.langhoff at gmail.com> wrote:
>> When starting up, call seed_xs_cookie() to
> 
> Hi Simon,
> 
> Hoping for some review :-) . Do you think this patch can make it into
> the sucrose-0.82 branch? With a tad of elbow grease, it also applies
> on top of master.
> 
> The reason I ask for it on the 0.82 branch is that
> 
>  - It's low low risk -- in fact, the interesting ops are wrapped in a
> try/except block so a failure won't stop Browse from starting up.
> 
>  - It allows me to do a XS 0.5.2 or 0.6 relatively soon that
> integrates smoothly with the XO 0.8.2.x series. Deployments can ensure
> that they have an updated Browse.xo...
> 
> cheers,

Is your main request to get it into 0.82.1? Is this only a temporary 
solution and we get something else later?

Thanks,
    Simon

PS: I am not a security person - so for this discussion of security 
impact you are better of asking someone else - I can only comment on the 
general layout of the patch.



More information about the Sugar-devel mailing list