dangerzone-bot considered dangerous
After I finished working on #14, I realized that it may have only been by chance that dangerzone-bot
has not gone into the Fundraising Team folder and wrecked havoc.
While troubleshooting the group access permissions on that folder, I think there were a few short moments where the external storage was accessible to all NC users, including dangerzone-bot
. If it has started processing files during that time, who knows what would have happened.
Currently, the Common folder in Nextcloud has a special exemption to work around this.
It would be good to address that risk, perhaps by somehow making dangerzone-bot
-bot process incoming files on a opt-in basis, while keeping confidentiality requirements and the usage procedure as simple as possible.