Open tobiasKaminsky opened 5 years ago
Actually this should have been in the RFC from the very beginning and part of the implementation on all clients. Here are two GitHub issues regarding this issue that were already opened quite near the beginning:
https://github.com/nextcloud/desktop/issues/816
https://github.com/nextcloud/desktop/issues/774
After all, users who use E2EE already aren't notified that their files are uploaded unencrypted and can't verify that, because in the web interface they cannot directly access the folders, but everybody else (malicious admin, 3rd party) can. This means they get compromised 100% while not even realizing it because they think everything works.
As an intermediate step, it would be good to simply prevent users from uploading subfolders within encrypted folders (already suggested in the above issues).
This shouldn't be just an "enhancement", it should be a top priority issue because a user who relies on E2EE and thinks it works and their data is safe can be compromised almost completely.
We must make really sure that every unencrypted upload of a file/folder within an encrypted folder is blocked.
So prior to every upload, the client needs to check if the local(!) information says that the destination is within an encrypted folder. Again, we cannot rely on server information.
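One way to implement the pre-upload check described above, as an added sketch that is not code from any Nextcloud client. `LocalE2EEState`, `check_upload`, `Decision` and the sample paths are hypothetical names; the assumption is that the client keeps its own record of which remote folders the user marked as encrypted.

```python
import posixpath
from dataclasses import dataclass
from typing import Iterable, Optional, Tuple


class UnencryptedUploadBlocked(Exception):
    """A plaintext upload targets a folder the local state marks as encrypted."""


def _parts(remote_path: str) -> Tuple[str, ...]:
    # Collapse "//", "." and ".." so "/Public/../Private/x" cannot dodge the check.
    norm = posixpath.normpath("/" + remote_path)
    return tuple(p for p in norm.split("/") if p)


@dataclass(frozen=True)
class Decision:
    encrypted_root: Optional[str]  # None: destination is outside every E2EE folder
    server_mismatch: bool          # server claims "not encrypted", local state disagrees


class LocalE2EEState:
    """Hypothetical client-side record of the folders the user marked as encrypted."""

    def __init__(self, encrypted_roots: Iterable[str]):
        self._roots = {_parts(r) for r in encrypted_roots}

    def encrypted_root_for(self, remote_path: str) -> Optional[str]:
        parts = _parts(remote_path)
        # Compare whole path components, so "/Private" never matches "/PrivateNotes".
        for n in range(1, len(parts) + 1):
            if parts[:n] in self._roots:
                return "/" + "/".join(parts[:n])
        return None


def check_upload(state: LocalE2EEState, destination: str, payload_is_encrypted: bool,
                 server_says_encrypted: Optional[bool] = None) -> Decision:
    """Run before every file upload or folder creation; raises instead of sending plaintext."""
    root = state.encrypted_root_for(destination)
    # The server's flag is only recorded for reporting; it never relaxes the decision.
    mismatch = root is not None and server_says_encrypted is False
    if root is not None and not payload_is_encrypted:
        raise UnencryptedUploadBlocked(f"{destination!r} is inside encrypted folder {root!r}")
    return Decision(root, mismatch)
```

A `server_mismatch` of `True` on an allowed (encrypted) upload is worth surfacing to the user, since it means the server's view of the folder differs from the local record.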