From d557c8d9ebe4bb72f0c7ce70a3a95fe64fcd273e Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan <girish@cloudron.io>
Date: Fri, 23 Oct 2020 11:47:23 -0700
Subject: [PATCH] Show why the setting exists

---
 src/views/services.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/views/services.html b/src/views/services.html
index 3e495c5e2..080fc49f6 100644
--- a/src/views/services.html
+++ b/src/views/services.html
@@ -21,10 +21,10 @@
             <div class="form-group" ng-show="serviceConfigure.service.name === 'sftp'">
               <br>
               <label class="control-label">Access Control</label>
-              <br>
+              <p><small>Allowing non-admins to access SFTP will let them read application config files and secret keys. For some apps like WordPress, they can also log the password.</small></p>
               <div class="checkbox">
                 <label>
-                  <input type="checkbox" ng-model="serviceConfigure.requireAdmin">Allow only admins to access SFTP</input>
+                  <input type="checkbox" ng-model="serviceConfigure.requireAdmin">Require admin role to access SFTP</input>
                 </label>
               </div>
             </div>