Closed duckinator closed 4 years ago
You can work around this by adding the following to docker-compose.yaml (I put it before the ports:
section):
command: "sed -i 's/neko serve -d --static/neko serve --static/' /etc/neko/supervisord/neko.conf && /usr/bin/supervisord -c /etc/neko/supervisord.conf"
This just removes the -d
before running supervisord
.
this is by design, the logs aren't written to any file (unless you want it to) I might start shipping the image with the debug option off. Not I'm not sure as of yet
Perhaps you could do something like have it off by default and allow setting the NEKO_DEBUG
environment variable to enable debug mode? That may be a thing, not sure; I couldn't disable debug mode using that when poking around, though.
Describe the bug
Due to the docker image passing
-d
in/etc/neko/supervisord.conf
, it logs all key presses by default. This has the potential to compromise passwords.To Reproduce Steps to reproduce the behavior:
Expected behavior The default image should not double as a keylogger.
Screenshots
Desktop (please complete the following information):
Additional context (none)
Client Log: (not relevant)
Server Log: