[SOLVED] Make this unique, and don't share it with anybody

Hi,

I have seafile server 6.2.0 deployed in my research institution. I noticed in seahub/seahub/settings.py these two lines:

Make this unique, and don’t share it with anybody.

SECRET_KEY = ‘**********************************’

(key masked here).
But the install scripts didn’t change this, or mention at any moment that it should be changed, and the value is exactly the same that is publicly available in the source.

Should this be changed?

EDIT
I just checked the file {INSTALLPATH}/upgrade/regenerate_secret_key.sh, and I notice it has the line

seahub_settings_py=${TOPDIR}/seahub_settings.py

wich is pointing to the incorrect location of seahub_settings.py. It should be

seahub_settings_py=${TOPDIR}/**conf/**seahub_settings.py

No wonder it does nothing… maybe this script is only used for older installations.
Anyhow, the SECRET_KEY is defined (with a different value) in my seahub_settings.py…

1 Like