Can anyone access my uploaded files?

I was exporting a user database, and in the csv i could see the URL for all the files associated with my users, this means pictures, resumes etc.

I was shocked to see that logging out of knack the URL still worked! i even tried it on my wife's phone, the files were freely accessible if you had the URL!

Am I an idiot who havent ticked off a security feature, or can we only upload files that should be expected to be readable by anyone?

Of course it is. When you export records from your databases, only you have control of the information. How you share it is up to you. The purpose of exporting the information is to have the information available, and it is.
1 Like