9001 / copyparty

Portable file server with accelerated resumable uploads, dedup, WebDAV, FTP, TFTP, zeroconf, media indexer, thumbnails++ all in one file, no deps
MIT License

A bunch of security questions and some requests #45

Closed Gremious closed 1 year ago

Gremious commented 1 year ago

Hello again o/

I'm considering maybe having a lil, short-lived, public/ volume open to, well, the public, mostly for my friends to go over e.g. Discord size limits. However, should a malicious party stumble upon it, I'd like to be secure. Now, all the other volumes I have are locked behind accounts, so I'm quite happy with them e.g. generating thumbnails and the like, so even -s is not really nice for my day-to-day use.

Now, it might just be reasonable to instead give all my friends an account, or set a global password in nginx, so I'm considering doing that instead.

However, that still leads me to the question: If I wanted a fully publicly available folder, is that just a bad idea, period, or are there any things I could be doing to reasonably secure myself, while not restricting myself, i.e. either only limiting a) anon accounts, or b) on a per-volume basis?

Could copyparty implement some existing security features, like no-readme and no-thumb, but scoped, e.g. files uploaded to this specific volume should be marked, and will never generate thumbnails for anyone? (or an accs permission to generate thumbnails in the same vein) (though perhaps easier, maybe just generate an empty/"safe" thumbnail)

On that note, do folders with only G: * permissions still generate thumbnails?

Basically, perhaps going over some of the global security flags and seeing if any of them make sense per volume would be nice and worth doing. In an ideal world, the worst an anon user should be able to do is fill up the whole space with racism.png rather than exploit ffmpeg/
