You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
In the settings' __init__ function, it stores sensitive data including onedrive password, AWS key into a plaintext env file which is a potential security issue described in CWE-312.
To Reproduce
Steps to reproduce the behavior:
Run the settings function.
Expected behavior
The password should stay in the memory or change the env file permission to only available to the user running the service.
The text was updated successfully, but these errors were encountered:
Describe the bug
In the settings'
__init__
function, it stores sensitive data including onedrive password, AWS key into a plaintext env file which is a potential security issue described in CWE-312.To Reproduce
Steps to reproduce the behavior:
Run the settings function.
Expected behavior
The password should stay in the memory or change the env file permission to only available to the user running the service.
The text was updated successfully, but these errors were encountered: