Hey 🙂
No, nothing specific. It is just that users can get a sense of false security.

I think in the open source it's bring your own security on most cases ^^

Heya ReassuredTiger98 ,

Is there anything specific you're looking for?

Hi ReassuredTiger98 ,
Authentication-wise, all communication with the server is authenticated using a JWT token. In the open version, fileserver is indeed not included in this scheme (however, of you use any other object storage solution such as S3/minio, that's already built-in)

It's still worth mentioning that HTTPS termination is up to the deployment, and is highly recommended if you deploy your server in an open network.

I think a note about the fileserver should be added to the https://clear.ml/docs/latest/docs/deploying_clearml/clearml_server_security page!

SuperiorPanda77 Would love to get a PR if you're up for it

Yeah, for authentication, yes

Yep can do 👍

FrothyDog40 https://github.com/allegroai/clearml-docs/pull/235

Thank you! I agree with CostlyOstrich36 that is why I meant false sense of security 🙂
Thank you SuccessfulKoala55 so actually only the file-server needs to be secured.