mirror of
https://github.com/filebrowser/filebrowser.git
synced 2026-07-17 16:36:49 +00:00
docs,cmd: warn about broad scope for self-signup users (GHSA-6759-996p-gpj6)
When Signup is enabled with the default scope and createUserDir off, every self-registered user inherits the served root and can read/modify/delete all files. Add a startup WARNING for this configuration and document the risk and the --createUserDir mitigation. No behavior or default change.
This commit is contained in:
parent
2472fbcd30
commit
1fb05d65de
2 changed files with 25 additions and 0 deletions
13
cmd/root.go
13
cmd/root.go
|
|
@ -13,6 +13,7 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
"strings"
|
||||||
"syscall"
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
|
@ -381,6 +382,18 @@ func getServerSettings(v *viper.Viper, st *storage.Storage) (*settings.Server, e
|
||||||
log.Println("WARNING: you fully understand and trust the contents of every user scope.")
|
log.Println("WARNING: you fully understand and trust the contents of every user scope.")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if set, err := st.Settings.Get(); err == nil && set.Signup {
|
||||||
|
scope := strings.TrimSpace(set.Defaults.Scope)
|
||||||
|
scopeIsRoot := scope == "" || scope == "." || scope == "/"
|
||||||
|
|
||||||
|
if !set.CreateUserDir && scopeIsRoot {
|
||||||
|
log.Println("WARNING: Signup is enabled without createUserDir and the default scope is")
|
||||||
|
log.Println("WARNING: the server root, so every self-registered user can read, modify and")
|
||||||
|
log.Println("WARNING: delete all files File Browser serves, including other users' files.")
|
||||||
|
log.Println("WARNING: Enable createUserDir, or set a default scope other than the root.")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return server, nil
|
return server, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,15 @@
|
||||||
|
## Self-Registration (Signup)
|
||||||
|
|
||||||
|
File Browser allows you to enable user self-registration (signup). This can be enabled via **Settings → Global Settings**, or with `filebrowser config set --signup`. Self-registered users inherit the configured **user defaults**, including the scope.
|
||||||
|
|
||||||
|
> [!WARNING]
|
||||||
|
>
|
||||||
|
> By default, the user scope is the server's root, so a self-registered user could read,
|
||||||
|
> modify, and delete every file File Browser serves. To prevent this, either:
|
||||||
|
>
|
||||||
|
> a. Enable `createUserDir` so each user gets their own directory; or
|
||||||
|
> b. If users are meant to share files, set the default scope to something other than the root.
|
||||||
|
|
||||||
## Fail2ban
|
## Fail2ban
|
||||||
|
|
||||||
File Browser does not natively support protection against brute force attacks. Therefore, we suggest using something like [fail2ban](https://github.com/fail2ban/fail2ban), which takes care of that by tracking the logs of your File Browser instance. For more information on how fail2ban works, please refer to their [wiki](https://github.com/fail2ban/fail2ban/wiki).
|
File Browser does not natively support protection against brute force attacks. Therefore, we suggest using something like [fail2ban](https://github.com/fail2ban/fail2ban), which takes care of that by tracking the logs of your File Browser instance. For more information on how fail2ban works, please refer to their [wiki](https://github.com/fail2ban/fail2ban/wiki).
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue