If you go back far enough in my logs you can see where I changed my S3 access key and secret key. You can also see the values I changed them to. I’m okay with my Admin’s having access to these, but moderators can also see logs. I think sensitive data like this should be removed from the logs.
brett_zink (Brett Zink) #1
eviltrout (Robin Ward) #2
Are you on the latest version of Discourse? Because recently @neil comitted a fix for this:
brett_zink (Brett Zink) #3
I’m on 0.9.8.8.
I just impersonated one of my mods, and yes, these items are removed.
Thanks for pointing that out!
zogstrip (Régis Hanol) #4