Question about features : Client/Server side encryption #201
Comments
|
Hi, For now it's not really possible to restrict to a specific user base as there is no validation of the accounts. You can still restrict user creation per source IP address, for example users would have to create the account from your office and then could use it from everywhere. We are looking to improve that and make it very generic so it could be possible to add authentication methods easily. Uploaded files receive no special treatments, but the plik cli has a -s option that pass the files to openssl. We did not implement anything in javascript because of the lack of stream stack to pipe the file through encryption and XHR request body. We do not believe much in server side encryption as if the server is compromised the protection could hold for already uploaded files but any new file could be hijacked easily. The need of the name in the url is mainly for old browser and cli tools to get the right file name and to ensure the name is not changed on download. Nevertheless file id is sufficient for us to get the file out of the system. |
|
Thanks for the feedback. |
|
oh, btw. I found this description in a similar project and that sounded like a nice implementation of server side encryption:
|
camathieu
changed the title
I'm looking for something like plik but am not sure it has the features I am looking for. Currently still comparing a few different projects.
I see Google and OVH are available for authentication but I'm not sure how I would use those two and still restrict access to a specific user base. Would it be possible to add IMAP as an authentication provider? That way I could easily give all existing users of an IMAP server access.
How are uploaded files treated, are they encrypted? If yes. client-side or server-side?
It looks like the file names of uploaded files are visible in the download URL, can that be changed?
The text was updated successfully, but these errors were encountered: