Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
soitgoes
on Oct 11, 2010
|
parent
|
context
|
favorite
| on:
How Our Startup Got Featured on CNN
Nice change seeing the Django settings.py file scrolling by rather than the typical 'C' or unix command line output. Hopefully, that isn't the real secret key on display though.
jasonkeene
on Oct 11, 2010
|
next
[–]
Yeah, noticed this too.
http://www.whyprime.com/temp/yipit-key.png
Whoops!
vacanti
on Oct 11, 2010
|
parent
|
next
[–]
I like how it says "make this unique. don't share it with anybody" and we shared it with every CNN viewer several times.
AdamN
on Oct 11, 2010
|
prev
[–]
That secret key is not the one in our production repository. We overwrite our development settings in other files.
Regardless, the Django secret_key isn't used to control systems or access data :-)
-Adam Nelson
jfarmer
on Oct 11, 2010
|
parent
[–]
No, but it's probably used to sign cookies and other requests, which means one could hijack someone else's session.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
