You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/01/29 18:47:16 UTC

[GitHub] [couchdb-documentation] wohali commented on a change in pull request #488: Fully remove mention of admin party everywhere

wohali commented on a change in pull request #488: Fully remove mention of admin party everywhere
URL: https://github.com/apache/couchdb-documentation/pull/488#discussion_r372564333
 
 

 ##########
 File path: src/intro/security.rst
 ##########
 @@ -130,38 +126,34 @@ the hash.
 
 .. _Bruce Schneier: http://en.wikipedia.org/wiki/Bruce_Schneier
 
-But what's with the ``-hashed-`` prefix? When CouchDB starts up, it reads a set
-of `.ini` files with config settings. It loads these settings into an internal
-data store (not a database). The config API lets you read the current
-configuration as well as change it and create new entries. CouchDB is writing
-any changes back to the `.ini` files.
+When CouchDB starts up, it reads a set of ``.ini`` files with config settings. It
+loads these settings into an internal data store (not a database). The config
+API lets you read the current configuration as well as change it and create new
+entries. CouchDB is writing any changes back to the ``.ini`` files.
 
-The `.ini` files can also be edited by hand when CouchDB is not running.
+The ``.ini`` files can also be edited by hand when CouchDB is not running.
 Instead of creating the admin user as we showed previously, you could have
-stopped CouchDB, opened your `local.ini`, added ``anna = secret`` to the
+stopped CouchDB, opened your ``local.ini``, added ``anna = secret`` to the
 :config:section:`admins`, and restarted CouchDB. Upon reading the new line from
-`local.ini`, CouchDB would run the hashing algorithm and write back the hash to
-`local.ini`, replacing the plain-text password. To make sure CouchDB only hashes
-plain-text passwords and not an existing hash a second time, it prefixes
-the hash with ``-hashed-``, to distinguish between plain-text passwords and
-hashed passwords. This means your plain-text password can't start with the
-characters ``-hashed-``, but that's pretty unlikely to begin with.
+``local.ini``, CouchDB would run the hashing algorithm and write back the hash
+to ``local.ini``, replacing the plain-text password - just as it did for our
 
 Review comment:
   > Since the easiest way to include special characters like em dashes or copyright signs in reST is to directly write them as Unicode characters
   
   from https://www.sphinx-doc.org/en/master/usage/restructuredtext/basics.html#source-encoding
   
   so I'll do that!

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services