glenn
/
asteroid
mirror of https://github.com/glenneth1/asteroid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs: Update security documentation with template fix

This commit is contained in:
glenneth 2025-11-03 19:51:30 +03:00
parent 25183ea5cf
commit ed39646ad2
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
SECURITY-CONFIG-CHANGES.org
View File

@ -71,6 +71,16 @@ Eliminated hardcoded Icecast admin password from codebase.
- ~*supported-formats*~~(config-supported-formats *config*)~
- ~*stream-base-url*~~(config-stream-base-url *config*)~
** Template Security Fix (~template/login.ctml~) - CRITICAL
Removed hardcoded admin credentials display from login page:
- Deleted panel showing "Default Admin Credentials"
- No longer displays username: ~admin~ / password: ~asteroid123~
- Login page is now production-safe
This was the critical issue Fade mentioned: "the templates with the default passwords for sure need changing"
** Docker Security Fixes (~docker/docker-compose.yml~) - CRITICAL
*** Port Bindings Secured