expose_config
configuration is set to True, from the role User and upwards can read the config in the web. In this config, the secret_key
appears, which means any user with this valid they can create its own signed cookie to impersonate any other user account.dags/
folder and they will be replicated in the rest of the machines inside the DAG cluster.