Uploaded image for project: 'Apache Airflow'
  1. Apache Airflow
  2. AIRFLOW-2884

Fix Flask SECRET_KEY security issue in www_rbac

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • None
    • 2.0.0
    • ui

    Description

      Flask secret key should be as random as possible, while it's not in Airflow Flask App.

      This issue was fixed for www in ticket https://issues.apache.org/jira/browse/AIRFLOW-2809 (merged in PR https://github.com/apache/incubator-airflow/pull/3651) .

      But this issue was not fixed for www_rbac yet.

      Attachments

        Issue Links

          Activity

            People

              xddeng Xiaodong Deng
              xddeng Xiaodong Deng
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: