[SOLVED] Make this unique, and don't share it with anybody


I have seafile server 6.2.0 deployed in my research institution. I noticed in seahub/seahub/settings.py these two lines:

Make this unique, and don’t share it with anybody.

SECRET_KEY = ‘**********************************’

(key masked here).
But the install scripts didn’t change this, or mention at any moment that it should be changed, and the value is exactly the same that is publicly available in the source.

Should this be changed?

I just checked the file {INSTALLPATH}/upgrade/regenerate_secret_key.sh, and I notice it has the line


wich is pointing to the incorrect location of seahub_settings.py. It should be


No wonder it does nothing… maybe this script is only used for older installations.
Anyhow, the SECRET_KEY is defined (with a different value) in my seahub_settings.py…

1 Like