Hi. I observed that my LibreElec device (latest version) was visible on my windows PC so i started to fool around the folders just to learn about its structure...
I rapidly noticed that in /Userdata/passwords.xml, the credentials to my NAS are saved in clear (!)
This is not good, even if documented... really not good 
Don't make LE visible to your network. This is no different than any Kodi installation if you have access to the filesystem you can access passwords.xml so not LE specific.
@emvee I believe PhilippeB is talking about Samba shares /Userdata which is indeed readable by guest accounts when he tells about folders. By "folder" he is not talking about filesystem access but network share access (which have the same icon as any other folder in the file explorer thus I guess him not telling one from the other).
I see no passwords in this file here, but maybe I saved none.
Or do you mean no one should have access to port 445 on the libreelec box ?
