Open liquid-metal opened 11 months ago
Great feature request - I agree this would be ideal although not the easiest thing to implement so it will take some careful thought and planning. Having the encryption key potentially tied to the lockdown passphrase is a good idea too. I'll give it all some thought.
Password Pusher uses lockbox for data encryption and it supports ActiveStorage encryption (file uploads): https://github.com/ankane/lockbox?tab=readme-ov-file#active-storage
🚀 Feature Request
When a file is pushed, it should be possible to select (or force by configuration) that the file is stored encrypted in whatever storage is configured.
🔈 Motivation
Users might expect files in Password Pusher to be shared securely (not only the access), so in my opinion it is logical to share files with sensitive content. Especially when using external storage, it might be desirable to have the files on the storage encrypted. This is an improvement to security from the moment where the storage is on another host than the application itself. This might further be improved by deriving the encryption key from a lockdown passphrase.
Incorrectly configured S3 leads to countless data leaks; this might even become worse when using some kind of self-hosted storage which might not be as well-integrated into an IAM as a cloud-hosted offer.
🛰 Alternatives
Require the user to encrypt files? Sounds not so viable to me.
📎 Additional context
I am aware of the optimization mentioned in the config document that the browser can send files to an external storage directly. I can imagine multiple ways to deal with that
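A sketch of the passphrase-derived encryption idea from the Motivation section, added here as an illustration; it is not part of the original issue and is not Password Pusher or Lockbox code. The module name, the blob layout, the PBKDF2 iteration count and the choice of AES-256-GCM are all assumptions; only Ruby's standard `openssl` library is used.

```ruby
require "openssl"
require "securerandom"

# Hypothetical helper: encrypts file bytes before they reach the storage
# backend, with a key derived from the passphrase, so a misconfigured
# bucket exposes only ciphertext.
module PassphraseFileCrypto
  MAGIC      = "PFC1".b   # constructed format tag, also bound in as GCM AAD
  SALT_LEN   = 16
  NONCE_LEN  = 12
  TAG_LEN    = 16
  ITERATIONS = 600_000    # assumed PBKDF2-HMAC-SHA256 work factor

  def self.derive_key(passphrase, salt)
    OpenSSL::KDF.pbkdf2_hmac(passphrase, salt: salt, iterations: ITERATIONS,
                             length: 32, hash: "sha256")
  end

  # Returns MAGIC || salt || nonce || tag || ciphertext: the blob to store.
  def self.encrypt(plaintext, passphrase)
    salt  = SecureRandom.random_bytes(SALT_LEN)   # fresh per file
    nonce = SecureRandom.random_bytes(NONCE_LEN)
    cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
    cipher.key = derive_key(passphrase, salt)
    cipher.iv = nonce
    cipher.auth_data = MAGIC
    ciphertext = cipher.update(plaintext) + cipher.final
    MAGIC + salt + nonce + cipher.auth_tag(TAG_LEN) + ciphertext
  end

  # Raises OpenSSL::Cipher::CipherError on a wrong passphrase or tampered blob.
  def self.decrypt(blob, passphrase)
    blob = blob.b
    min = MAGIC.bytesize + SALT_LEN + NONCE_LEN + TAG_LEN
    raise ArgumentError, "not an encrypted blob" unless blob.bytesize >= min && blob.start_with?(MAGIC)
    off = MAGIC.bytesize
    salt  = blob.byteslice(off, SALT_LEN);  off += SALT_LEN
    nonce = blob.byteslice(off, NONCE_LEN); off += NONCE_LEN
    tag   = blob.byteslice(off, TAG_LEN);   off += TAG_LEN
    cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
    cipher.key = derive_key(passphrase, salt)
    cipher.iv = nonce
    cipher.auth_tag = tag
    cipher.auth_data = MAGIC
    cipher.update(blob.byteslice(off..)) + cipher.final
  end
end
```

Because the key exists only while the passphrase is in hand, neither the storage host nor the application database can decrypt a stored file on its own; a file pushed without a passphrase would need a server-held key instead.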