Latest wikijs version sensitive SSO and GitHub data #7277
-
|
I'm using the latest wikijs version in docker and I saw that the private key for ssh login to GitHub. I have added GitHub and discord authentication to my wikijs and I noticed it doesn't hide the client secret it's all plain text. Same goes for GitHub ssh login for push, pull and backup the MD files from my wiki. Why it shows these details in plain text and not hiding them / encrypting them? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
It's only shown to the root administrator group. This group has full access and will therefore see these values. Don't put users into that group if you don't want them to see sensitive values. |
Beta Was this translation helpful? Give feedback.
It's only shown to the root administrator group. This group has full access and will therefore see these values.
Don't put users into that group if you don't want them to see sensitive values.