bareos
Unclear "security advice"
Hello :wave: ,
thanks for your great work. I am just in the process of testing a backup setup with this project :heart:
I have a question about the "security advice" at https://github.com/barcus/bareos/blob/master/README.md#security-advice
The default passwords inside the configuration files are created when building the docker image. Hence for production either build the image yourself using the sources from Github.
⭕ Do not use this container for anything else, as passwords get expose to the Bareos containers.
In the second sentence there is an "either" part but no "or" part :) or am I missing something?
And the last sentence, "Do not use this container for anything else", is also a little bit imprecise. "Anything else" compared to what? Testing?
And the whole advice left me a little bit confused. How are passwords exposed? I inspected the Dockerfiles and the docker-entrypoint.sh files and could not find any static or build-time generated passwords. Which of the multiple containers should be self-built to prevent static passwords? Is it really necessary if I set all password env vars with a custom safe password?
Sorry if I am just being stupid, or otherwise I would appreciate some clarification. Cheers.