Hello Bernd, On 17/09/21 3:37 am, Bernd Eckenfels wrote:
I also wonder if it makes sense to either only serve files with public permissions, or at least Filter some critical files like .ssh/* and *.jks.
FWIW - From what I can see in the proposed implementation as well as the JEP text, hidden files and symbolic links aren't served. So it should prevent listing/serving .ssh/ directory.
-Jaikiran
