Hi All,
Not sure if i post this in the correct section but i was wondering if it is possible to hide the secrets file from the file editor addon?
It feels like a security risk if someone is able to login on my home assistant and is able to view my secrets file.
It’s not possible.
I assume something is in the works regarding the latest secueity breaches that have been found.
Let’s hope so.
i thought about removing the file editor addon but the fact is that someone breaking in with knowledge of home assistant will be able to install that addon and still be able to view my passwords.
Once he has accesd to Home Assistant it’s anyway too late.
I agree with that…then your home assistant is not configured secured enough…but if he succeeds now then he has a one way ticket to your secret file without making the hacker difficult. not sure if that should be protected more… especially if home assistant is exposed to the internet.