I don’t find any button to log out of the dietpi dashboard webinterface. So anyone can shutdown/restart or kill services from a computer which was recently logged in?! Should this be like this??
Is there someone who has access to you computer who would do something like this? Did you tried to close your browser completely? Does it require a password again once you start a new browser session?
If I only close the browser window, the session is still open (no password required).
If I close the browser completely, the session is also open after the restart of the browser (no password required).
That seems to be not very secure…
I’ve uninstalled the dashboard again (the 3rd time). I hope there will be a possibility to logout in the future, because
the dashboard is actually very cool…
I set it to 0 and also tried some other values, but it doesn’t worked for me. I will also make a report on github.
So yes, it’s not very secure, but on the other hand there is an info on the DietPi software webpage, which suggest it’s still in beta and not recommended to use on sensitive production systems yet.
well, to do some damage, someone would need to get access to your computer where you already had opened the Dashboard before. As long as you are not on an open space environment, it should be fine until a fix become available.