Basic Encryption

[alirezanet]

Currently, all files created in the data folder are stored in plain text. It would be a great improvement if these files were saved in an encrypted format to reduce the risk of someone injecting malicious code into the server.

Even a basic encryption layer would help mitigate this issue. Additionally, it would be safer to use a neutral file extension (like .raw) to avoid accidentally storing executable scripts that could be run on the server.

[Tanq16]

hello again, @alirezanet ! thank you for the discussion. i partially agree, although encryption isn't a good solve. injection is a risk when input is processed at any point in the process. file extensions are also inert on linux (Docker) since direct browser navigation isn't enabled.

lack of encryption is also helpful to keep the service faster, particularly when running on hard disks.

lastly, not claiming the app cannot be attacked, it's intended to be run in a homelab for non-destructive users.

would love to hear your thoughts. ive tried to balance usability, basic security, and app complexity. if you have a proof of concept attack that works, im more than happy to work on a fix.

[alirezanet]

Hey @Tanq16 , thanks for the reply.

Just to clarify, I’m actually running this on my home server using the Docker package. The thing is, this server has full access to my local network and also runs other services that are exposed to the internet. So from an attacker’s point of view, if they manage to find a vulnerability in any of those services, they could potentially abuse this file-sharing feature too.

Also, my backup tool grabs everything from the server, including these shared files, and uploads them to cloud storage. If they’re stored in raw form, that basically means I’m backing up private content to the cloud unencrypted, which is not ideal.

On top of that, I know it is running in my local network, but for any reason, if the server/network ever gets compromised, having those files just sitting there unencrypted makes it easier for someone to grab and inspect them. I think having the option to store files encrypted (or at least obfuscated) would be a nice layer of protection.

At the end, I totally get that the app is meant to be simple, but some basic security options would go a long way in setups like mine.

[Tanq16]

thanks for the clarification @alirezanet , i'm reading 3 things -

• network services attacking the app - i think this is fine and safe right now; if you find an vulnerable component, happy to fix that
• backup tool including unencrypted files - noted, not relevant to this discussion
• files lying unencrypted on disk - though it's not supposed to be a secret store, i definitely see this as a feature to add

regarding the last bullet point here, could you help me plan this by sharing your thoughts on 2 questions:

• what encryption would you like? my personal recommendation is symmetric AES-GCM
• i'm thinking standard way of using password in an environment variable. how's that sound?

if you like this setup, i'll plan this feature out. thanks a bunch!

[alirezanet]

what encryption would you like? my personal recommendation is symmetric AES-GCM

Ithink the AES family is a solid choice, it is also faster than others.

i'm thinking standard way of using password in an environment variable. how's that sound?

👌Yeah, it would be nice, works in both Docker and executable versions.

[Tanq16]

perfect, thank you! planned for next sitting!

[Tanq16]

this will take a while .. will work on it next cycle. A lot to add this week.

i've planned some of this out though - potentially will be using age as it's known and accepted.

[Tanq16]

just updating here - made a bunch of patches for the other features today. unfortunately, i'll need more time to work on encryption bit. i'm planning a more substantial restructuring of the code since it's gotten fairly big now. adding encryption should follow that to make sure the implementation isn't half baked

appreciate the patience!

[Tanq16]

update here : i finally got a frontend refactor done - thanks to gemini for helping me speed through a lot of it and now frontend is incredibly more maintainable. i will next work on a backend code refactor - mainly splitting the file out into modules and that's when i will add an encryption module.

my plan is that if there is a password or secret env. var., it will automatically trigger encryption. to start with, i might limit encryption to smaller files (<100 MB) which will cover most use cases. i just don't know the performance of encrypting large file (>1GB) in memory. reason why i'm thinking of this is because intent behind encryption is to obfuscate data from the server as well, so it doesn't make sense to write data, save encrypted copy, and delete plain text. but if it's a large file, it may have to do that.

if someone has ideas on this, feel free to put here, otherwise i'll base it on testing. but - as before - will take more time. thanks!