- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
I made a video about copyparty, the selfhosted fileserver I’ve been making for the past 5 years.
The main focus of the video is the features, but it also touches upon configuration. Was hoping it would be easier to follow than the readme on github… not sure how well that went, but hey :D
This video is also available to watch on the copyparty demo server, as a high-quality AV1 file and a lower-quality h264.
The fact you mention security features, without ever saying it’s ‘super secure’ tells me you know a lot about what you’re doing. I’m so sick of apps like this that start with “most secure app on the net” but you know they’re delusional. Thank you, going to check this out.
so uhh, sorry for the late response to this – was going to reply much earlier, but then suddenly it became more timely than ever…
the good news is, I’m fairly confident in how it handles the filesystem and permissions, preventing unauthorized access to files.
but the part I’m a bit less sure about is sanitizing user data; the kind of vulnerabilities where someone uploads a malicious file and bad stuff happens if you then open that file in a certain way, or someone sends you a malicious link and trick you into clicking it – in other words, the kind of vulnerabilities which require the attacker to have a certain level of access already, or that requires tricking you into doing something.
…and with version 1.18.5 released just now, we got a prime example of exactly one of those. Really unfortunate timing, but it’s a blessing to have so many new and curious eyes on it to spot these sooner rather than later. It is what it is.