Updated Session_Management_Cheat_Sheet.md #458
Merged
Conversation
A slight modification to help users to use a CSPRNG instead of PRNG
Updated Session_Management_Cheat_Sheet.md
|
A random session id is not enough; it must also be unique so session
id's are not duplicated. I have seem this happen when some of the first
big sites on the net went webscale and the session id generator was only
random and not random and unique; in that a random session id must not
already exist in the current session id space. Can you kindly add that?.
On 7/29/20 11:38 AM, ykcab wrote:
------------------------------------------------------------------------
You can view, comment on, or merge this pull request online at:
#458
Commit Summary
* Updated Session_Management_Cheat_Sheet.md
* Merge pull request #1 from ykcab/ykcab-patch-1
File Changes
* *M* cheatsheets/Session_Management_Cheat_Sheet.md
<https://github.com/OWASP/CheatSheetSeries/pull/458/files#diff-b1827970e50c2b413a767d8224ec2f15>
(4)
Patch Links:
* https://github.com/OWASP/CheatSheetSeries/pull/458.patch
* https://github.com/OWASP/CheatSheetSeries/pull/458.diff
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#458>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEBYCMJT7QGSDGBX3EGPEDR6A66ZANCNFSM4PLXH2JA>.
--
Jim Manico
Manicode Security
https://www.manicode.com
|
per this comment #458 (comment)
|
This is great, push it!
- Jim
…On 7/29/20 12:03 PM, ykcab wrote:
***@***.**** commented on this pull request.
@jmanico <https://github.com/jmanico>, I added that. I hope it is in
the correct section.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#458 (review)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEBYCNLCCPFMW2RXUI7YUDR6BB3TANCNFSM4PLXH2JA>.
|
removed trailing space in line #53
|
removed trailing space at line 53 |
|
I'll dig into the linting problems (I think with the new C push) this
evening!
- Jim
…On 7/29/20 12:29 PM, ykcab wrote:
@jmanico <https://github.com/jmanico> changes are pushed. The linter
is complaining on other stuff. Kindly check.
Thanks.
@ykcab <https://github.com/ykcab>
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#458 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEBYCKYECZJM7CQ6REPNWLR6BE7XANCNFSM4PLXH2JA>.
|
|
LGTM |
|
I fixed these issues in this PR #456. @jmanico you please approve #456 and after that I will be able to merge it to master and after that @ykcab will be able to rebase it to updated master. |
|
I approved but did NOT "squash and merge" this time.
- Jim
On 7/30/20 4:10 AM, mackowski wrote:
I fixed these issues in this PR #456
<#456>. @jmanico
<https://github.com/jmanico> you please approve #456
<#456> and after that I
will be able to merge it to master and after that @ykcab
<https://github.com/ykcab> will be able to rebase it to updated master.
This is the problem because @jmanico <https://github.com/jmanico> by
mistake pushed older CS directly to master and we did not resolved
that issues on the branch.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#458 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEBYCJN2OQTWXXN3GGP6JDR6ETIHANCNFSM4PLXH2JA>.
--
Jim Manico
Manicode Security
https://www.manicode.com
|
* Removed @ThunderSon @rbsec from CODEOWNERS and add @jmanico * Update C-Based_Toolchain_Hardening_Cheat_Sheet.md * Update C-Based_Toolchain_Hardening_Cheat_Sheet.md
|
Look good! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
No description provided.